News Stay informed about the latest enterprise technology news and product updates.

IPv6 vulnerable to remote denial-of-service attacks

There's a new OpenBSD vulnerability with the implementation of IPv6. Organizations need to upgrade to prevent a possible denial-of-service attack.

The OpenBSD implementation of IPv6 has a security vulnerability that requires an upgrade to prevent a remote attacker from causing a denial of service.

IPv6 is the successor to IPv4 and is already being implemented by some enterprises, either alone or in parallel with IPv4. While one of the main attractions of IPv6 is its vastly larger address space, administrators are also anticipating security improvements, especially with authentication.

However, independent security researcher Georgi Guninski has identified an error in the handling of IPv6 traffic when the host is configured to receive ICMPv6 (Internet Control Message Protocol) and is listening on a TCP port. A remote attacker can take advantage of this by setting a small IPv6 MTU (Maximum Transmission Unit) and then connecting to an open TCP port. This will crash the target system, causing a denial of service

The problem occurs on OpenBSD 3.4. PivX Solutions recommends OpenBSD administrators acquire the revised code from CVS and recompile their kernels.

For more information on this vulnerability, visit Secunia's advisory here.

Dig Deeper on IPv6 security and network protocols security

Start the conversation

Send me notifications when other members comment.

Please create a username to comment.