[ipv6hackers] IOS 7
Marc Heuse
mh at mh-sec.de
Thu Sep 19 08:25:38 CEST 2013
In the IOS7 security update list:
Kernel
Available for: iPhone 4 and later,
iPod touch (5th generation) and later, iPad 2 and later
Impact: An attacker on a local network can cause a denial of service
Description: An attacker on a local network can send specially
crafted IPv6 ICMP packets and cause high CPU load. The issue was
addressed by rate limiting ICMP packets before verifying their
checksum.
CVE-ID
CVE-2011-2391 : Marc Heuse
If anyone want to test for this: this was flooding with ICMPv6 Neighbor Solicitation messages (flood_solicitate6 eth0 <target>).
Maybe this fix also reduces the impact of flooding with Router Advertisements.
On a side note: this only took them over 15 months to fix :-)
Greets,
Marc
--
Marc Heuse
www.mh-sec.de
PGP: AF3D 1D4C D810 F0BB 977D 3807 C7EE D0A0 6BE9 F573
More information about the Ipv6hackers
mailing list