[ipv6hackers] CVE-2020-16898: "Bad Neighbor" (IPv6 SLAAC/RDNSS)
Fernando Gont
fgont at si6networks.com
Wed Oct 14 17:33:10 UTC 2020
Hi, Marc,
On 14/10/20 14:06, Marc Heuse wrote:
> Everywhere it’s classified as remote and wormable - but I would expect it to only work on the local lan due hop count security.
I agree with this, except for cases where e.g. ISATAP is employed. --
for instance, ISATAP relies on RAs that traverse multiple links tunneled
on IPv4 packets.
> When you get it working please test if it is the case ... thanks!
Once I figure how to trigger the "blue screen", I will extend the
testing to e.g. attack ISATAP tunnels.
Will then report back to the group.
Thanks!
Regards,
--
Fernando Gont
SI6 Networks
e-mail: fgont at si6networks.com
PGP Fingerprint: 6666 31C6 D484 63B2 8FB1 E3C4 AE25 0D55 1D4E 7492
More information about the Ipv6hackers
mailing list