IPv6 vulnerable to remote denial-of-service attacks

There's a new OpenBSD vulnerability with the implementation of IPv6. Organizations need to upgrade to prevent a possible denial-of-service attack.

The OpenBSD implementation of IPv6 has a security vulnerability that requires an upgrade to prevent a remote attacker from causing a denial of service.

IPv6 is the successor to IPv4 and is already being implemented by some enterprises, either alone or in parallel with IPv4. While one of the main attractions of IPv6 is its vastly larger address space, administrators are also anticipating security improvements, especially with authentication.

However, independent security researcher Georgi Guninski has identified an error in the handling of IPv6 traffic when the host is configured to receive ICMPv6 (Internet Control Message Protocol) and is listening on a TCP port. A remote attacker can take advantage of this by setting a small IPv6 MTU (Maximum Transmission Unit) and then connecting to an open TCP port. This will crash the target system, causing a denial of service

The problem occurs on OpenBSD 3.4. PivX Solutions recommends OpenBSD administrators acquire the revised code from CVS and recompile their kernels.

For more information on this vulnerability, visit Secunia's advisory here.

This Content Component encountered an error

Pro+

Features

Enjoy the benefits of Pro+ membership, learn more and join.

0 comments

Oldest 

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to:

-ADS BY GOOGLE

SearchCloudSecurity

SearchNetworking

SearchCIO

SearchConsumerization

SearchEnterpriseDesktop

SearchCloudComputing

ComputerWeekly

Close