[nsp-sec] New IPV6 NDP issue (via cert)
Chris Morrow
morrowc at ops-netman.net
Fri Oct 3 13:50:18 EDT 2008
since one of my vendors sent out a note about this (hi greg, ask your
alert folks to actually put the alert on the alert page eh?), another is
listed.. what say you vendor folks?
<http://www.kb.cert.org/vuls/id/472363>
"IPv6 implementations insecurely update Forward Information Base"
Looks like you can reply with "Yea, I'm that neighbor, send traffic over
there ->"
This looks like it's also discussed (according to cert) in: RFC 3756
and... looks like a problem that can't be immediately solved without some
changes to ND? Since it's a local LAN issue unless your local LAN is
compromised/made-up-of-compromised-hosts things should be good, eh?
(low threat... I guess)
-Chris
More information about the nsp-security
mailing list