[ipv6hackers] CVE-2020-16898: "Bad Neighbor" (IPv6 SLAAC/RDNSS)

Fernando Gont fgont at si6networks.com
Wed Oct 14 18:19:26 UTC 2020

Hi, Gert,

On 14/10/20 14:42, Gert Doering wrote:
> Hi,
> On Wed, Oct 14, 2020 at 07:06:19PM +0200, Marc Heuse wrote:
>> Everywhere it???s classified as remote and wormable - but I would expect it to only work on the local lan due hop count security.
> This assumes that Windows does the (required...) HopCount=255 check
> on reception.
> Given that other OSes have been found to neglect this check in the past, I
> wouldn't bet my Windows VMs on this...

THe general purpose OSes I have tested (*BSD, Linux, MS Windows) seemed 
to do the Hop Limit check. In this case, since this is an 
implementation-dependent vulnerability, I'd guess it's mostly Windows 
that matters, though.

Fernando Gont
SI6 Networks
e-mail: fgont at si6networks.com
PGP Fingerprint: 6666 31C6 D484 63B2 8FB1 E3C4 AE25 0D55 1D4E 7492

More information about the Ipv6hackers mailing list