EUVD-2015-5270

Malware in sbrugna...

CVE-2011-1418

The stateless address autoconfiguration aka SLAAC functionality in the IPv6 networking implementation in Apple iOS before 4.3 and Apple TV before 4.2 places the MAC address into the IPv6 address, which makes it easier for remote IPv6 servers to track users by logging source IPv6 addresses...

Chinese Hackers Abuse IPv6 SLAAC for AitM Attacks via Spellbinder Lateral Movement Tool

A China-aligned advanced persistent threat APT group called TheWizards has been linked to a lateral movement tool called Spellbinder that can facilitate adversary-in-the-middle AitM attacks. "Spellbinder enables adversary-in-the-middle AitM attacks, through IPv6 stateless address autoconfiguratio...

PT-2025-7115 · Tp Link · Tp-Link Tl-Wr841Nd

Name of the Vulnerable Software and Affected Versions: TP-Link TL-WR841ND version V11 Description: A buffer overflow issue was discovered, triggered by the dnsserver1 and dnsserver2 parameters at the "/userRpm/WanSlaacCfgRpm.htm" API endpoint. This allows attackers to cause a Denial of Service Do...

EulerOS 2.0 SP12 : docker-engine (EulerOS-SA-2024-2500)

According to the versions of the docker-engine packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : Moby is an open source container framework that is a key component of Docker Engine, Docker Desktop, and other distributions of container...

CVE-2024-32473

CVE-2024-32473 affects Moby (Docker Engine/related tooling). In 26.0.0 IPv6 was not disabled on interfaces, including those with --ipv6=false, allowing containers with ipvlan/macvlan to access local networks via IPv6, potentially receive SLAAC addresses, or join IPv6 multicast groups, increasing ...

CVE-2024-32473 Moby IPv6 enabled on IPv4-only network interfaces

Moby is an open source container framework that is a key component of Docker Engine, Docker Desktop, and other distributions of container tooling or runtimes. In 26.0.0, IPv6 is not disabled on network interfaces, including those belonging to networks where --ipv6=false. An container with an ipvl...

dnsmasq: heap overflow in the IPv6 router advertisement code

A heap buffer overflow was discovered in dnsmasq in the IPv6 router advertisement RA handling code. An attacker on the local network segment could send crafted RAs to dnsmasq which would cause it to crash or, potentially, execute arbitrary code. This issue only affected configurations using one o...

Code injection

Red Hat Enterprise Virtualization Manager 3.6 and earlier gives valid SLAAC IPv6 addresses to interfaces when "boot protocol" is set to None, which might allow remote attackers to communicate with a system designated to be unreachable...

CVE-2015-5293

Red Hat Enterprise Virtualization Manager 3.6 and earlier gives valid SLAAC IPv6 addresses to interfaces when "boot protocol" is set to None, which might allow remote attackers to communicate with a system designated to be unreachable...

Network Security Testing: Evil Foca

Evil Foca is a tool for security pentesters and auditors whose purpose it is to test security in IPv4 and IPv6 data networks. The software automatically scans the networks and identifies all devices and their respective network interfaces, specifying their IPv4 and IPv6 addresses as well as the...

Evil FOCA - MITM, DoS, DNS Hijacking in IPv4 and IPv6 Penetration Testing Tool

Evil Foca is a tool for security pentesters and auditors whose purpose it is to test security in IPv4 and IPv6 data networks. The tool is capable of carrying out various attacks such as: MITM over IPv4 networks with ARP Spoofing and DHCP ACK Injection. MITM on IPv6 networks with Neighbor...

FreeBSD-SA-14:20.rtsold

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ============================================================================= FreeBSD-SA-14:20.rtsold Security Advisory The FreeBSD Project Topic: rtsold8 remote buffer overflow vulnerability Category: core Module: rtsold Announced: 2014-10-21 Credits...

targets-ipv6-multicast-slaac NSE Script

Performs IPv6 host discovery by triggering stateless address auto-configuration SLAAC. This script works by sending an ICMPv6 Router Advertisement with a random address prefix, which causes hosts to begin SLAAC and send a solicitation for their newly configured address, as part of duplicate addre...

Microsoft Windows IPv4 Default Configuration Security Bypass Vulnerability

The host is installed with Microsoft Windows operating system and is prone to security bypass vulnerability. This NVT has been replaced by NVT secpodms10-015.nasl OID:1.3.6.1.4.1.25623.1.0.900740. OpenVAS Vulnerability Test $Id: gbmswindowsnicsecuritybypassvuln.nasl 5362 2017-02-20 12:46:39Z cfi ...

CVE-2011-1652

The default configuration of Microsoft Windows 7 immediately prefers a new IPv6 and DHCPv6 service over a currently used IPv4 and DHCPv4 service upon receipt of an IPv6 Router Advertisement RA, and does not provide an option to ignore an unexpected RA, which allows remote attackers to conduct...

CVE-2011-1652

CVE-2011-1652 concerns Windows 7 default behavior: upon IPv6 Router Advertisement, the system prefers a new IPv6/DHCPv6 path over existing IPv4/DHCPv4 and provides no option to ignore an unexpected RA. This enables remote attackers on the local network to perform man-in-the-middle attacks on traf...

PT-2011-3266 · Microsoft · Windows 7

Name of the Vulnerable Software and Affected Versions: Microsoft Windows 7 affected versions not specified Description: The default configuration of Microsoft Windows 7 prefers a new IPv6 and DHCPv6 service over a currently used IPv4 and DHCPv4 service upon receipt of an IPv6 Router Advertisement...

CVE-2011-1418

The stateless address autoconfiguration aka SLAAC functionality in the IPv6 networking implementation in Apple iOS before 4.3 and Apple TV before 4.2 places the MAC address into the IPv6 address, which makes it easier for remote IPv6 servers to track users by logging source IPv6 addresses...

CVE-2011-1418

The CVE relates to IPv6 SLAAC on Apple iOS before 4.3 and Apple TV before 4.2, where the MAC address is exposed in the IPv6 address. This allows remote servers to potentially track users via source IPv6 addresses. Root cause: IPv6 SLAAC implementation leaking the MAC into the address. The provide...