[ipv6hackers] Fwd: CVE-2016-1409: IPv6 Neighbor Discovery Crafted Packet Denial of Service Vulnerability

Fernando Gont fgont at si6networks.com
Wed Aug 10 21:58:01 CEST 2016


Folks,

FYI


-------- Forwarded Message --------
Subject: CVE-2016-1409: IPv6 Neighbor Discovery Crafted Packet Denial of
Service Vulnerability
Date: Wed, 10 Aug 2016 17:52:16 +0000
From: Suresh Krishnan <suresh.krishnan at ericsson.com>
To: IETF IPv6 Mailing List <ipv6 at ietf.org>, IPv6 Operations
<v6ops at ops.ietf.org>, 6man-chairs at ietf.org <6man-chairs at ietf.org>,
v6ops-chairs at ietf.org <v6ops-chairs at ietf.org>

Hi all,
   I have been notified about this vulnerability and have been asked
whether this is due to an issue with the IPv6 protocol specifications.
At first glance, I have a hard time seeing how this attack is possible
on any compliant RFC4861 implementation given that the 255 Hop Limit
check would drop any remote attack packets. If someone on the 6man/v6ops
mailing lists has further info, can you please contact me off-list. My
goal is to figure out if there is any protocol work or operational
guidance needed from the IETF side.

More info:

This is the CVE list entry in question

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1409

The Cisco security advisory

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160525-ipv6

The Juniper knowledge base entry

https://kb.juniper.net/InfoCenter/index?page=content&id=JSA10749&cat=SIRT_1&actp=LIST

Thanks
Suresh

--------------------------------------------------------------------
IETF IPv6 working group mailing list
ipv6 at ietf.org
Administrative Requests: https://www.ietf.org/mailman/listinfo/ipv6
--------------------------------------------------------------------



More information about the Ipv6hackers mailing list