CVE-2006-6263

Summary: CVE-2006-6263 involves Teredo clients when source routing is enabled. The issue arises when an encapsulated IPv6 packet contains a Routing header; the client may forward the packet to the next hop, potentially allowing remote actors to bypass policies on gateways that drop all source-rou...

CVE-2006-6264

CVE-2006-6264 describes a Teredo weakness where trusted peer entries are created for arbitrary incoming Teredo addresses, even when the low 32 bits encode an intranet address. This could allow remote attackers to send IPv4 traffic to intranet hosts that use non-RFC1918 addresses, bypassing IPv4 i...

CVE-2006-6265

CVE-2006-6265 describes a Teredo-related risk where clients behind a restricted NAT can be reached for inbound connections by either using the client port embedded in the Teredo address or via the bubble-to-open procedure. The vulnerability stems from Teredo’s handling of port discovery in constr...

CVE-2006-6266

CVE-2006-6266 concerns Teredo clients: when following RFC4380-5.2.3 item 6, Teredo clients initiate direct IPv6 connectivity (ping) tests in response to non-Teredo source addresses, potentially causing affected clients to send packets to third parties. The provided documents describe the behavior...