Secunia CSI7
Advisories
Research
Forums
Create Profile
Our Commitment
PSI
PSI API
CSI
OSI
xSI
Vulnerabilities
Programs
Open Discussions
My Threads
Create Thread
Statistics
About

Forum Thread: IPV6 vulnerability

You are currently viewing a forum thread in the Secunia Community Forum. Please note that opinions expressed here are not of Secunia but solely reflect those of the user who wrote it.

This thread was submitted in the following forum:
All Threads

This thread has been marked as resolved.
p_noot IPV6 vulnerability
Member 5th Apr, 2011 16:39
Ranking: 8
Posts: 22
User Since: 17th Nov, 2010
System Score: N/A
Location: N/A
Hi all,

There is a serious IPV6 vulnerability that can not be patched.

Links related to this vulnerability:

http://seclists.org/dailydave/2011/q2/3

http://tools.ietf.org/html/draft-chown-v6ops-rogue...

This vulnerability is not detected by PSI.
Windows OS is affected by this vulnerability.
I do not know if this vulnerability is a problem for other OS too.

Post "RE: IPV6 vulnerability" has been selected as an answer.
mogs RE: IPV6 vulnerability
Expert Contributor 5th Apr, 2011 17:08
Score: 2265
Posts: 6,266
User Since: 22nd Apr 2009
System Score: 100%
Location: UK
Here's some info/explanation just found :-

Windows PCs can be compromised by an IPv6 flaw

SLAAC attacks possible
By Asavin Wattanajantra
Tue Apr 05 2011, 12:49
AN INSECURITY RESEARCHER has revealed that IPv6 can enable 'man in the middle attacks' on Windows PCs.
Alec Waters of the Infosec Institute showed off a proof of concept attack that targeted Windows 7 systems, but said it could apply in theory to any operating system with IPv6 installed and operational.
The attack physically needs rogue hardware, a router that's connected to the victim's IPv4 network that will act as a sort of network parasite. The router will have two interfaces, with the one facing the victim IPv6-capable and the one facing the Internet IPv4-capable.
The systems at risk will use the newer IPv6 protocol rather than the older IPv4 protocol. This means that in an IPv4 based network, traffic will flow through the rogue router instead of legitimate routers. It is called a Stateless Address Auto Configuration (SLAAC) attack, named after the process it is taking advantage of.


Read more: http://www.theinquirer.net/inquirer/news/2040539/w...
The Inquirer

--
Was this reply relevant?
+1
-0
Anthony Wells RE: IPV6 vulnerability
Expert Contributor 5th Apr, 2011 17:44
Score: 2414
Posts: 3,310
User Since: 19th Dec 2007
System Score: N/A
Location: N/A

Hi ,

Just to add to the info provided by Mogs , the PSI does not detect/display unpatched programmes , apps or hardware ; this is a deliberate decision as , apparently , it conflicts with certain commercial priorities . The exception to this is your browser(s) and add-ons as detailed in the "secure browsing" module of the PSi .

No doubt Secunia will have a Secunia Advisory for the problem when they have completed their research on the vulnerability and it's consequences .

Hope that helps .

Anthony

--


It always seems impossible until its done.
Nelson Mandela
Was this reply relevant?
+0
-0
p_noot RE: IPV6 vulnerability
Member 5th Apr, 2011 23:56
Score: 8
Posts: 22
User Since: 17th Nov 2010
System Score: N/A
Location: N/A
Hi Mogs, Anthony,

Thanks for the useful info.

I understand:
1. If IPv6 is activated you are vulnerable
for a man-in-the-middle-attack on every OS,
not only on a Windows 7 system.
2. Disabling IPv6 is at best a short term solution,
since without IPv6 the grow of the Internet
will grind to a halt.
3. IPv6 has a security issue by design.
4. Secunia is working on a advisory about
this problem.

Meanwhile, the hunt for network parasites and
rogue RAs has to be on.
Was this reply relevant?
+0
-0

This thread has been marked as locked.


 Products Solutions Customers Partner Resources Company
 
 Corporate
Vulnerability Intelligence Manager (VIM)
Corporate Software Inspector (CSI)
Consumer
Personal Software Inspector (PSI)
Online Software Inspector (OSI)
 Industry
Compliance
Technology
Integration
 Customers
Testimonials
 VARS
MSSP
Technology Partners
References
 Reports
Webinars
Events
 About us
Careers
Memberships
Newsroom


 
© 2002-2014 Secunia ApS - Rued Langgaards Vej 8, 4th floor, DK-2300 Copenhagen, Denmark - +45 7020 5144
Terms & Conditions and Copyright - Privacy - Report Vulnerability