Secunia
Login
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Forum Thread: IPV6 vulnerability
You are currently viewing a forum thread in the Secunia Community Forum. Please note that opinions expressed here are not of Secunia but solely reflect those of the user who wrote it.This thread was submitted in the following forum:
All Threads
| p_noot | IPV6 vulnerability |
|---|---|
 |
5th Apr, 2011 16:39 |
|
Ranking: 8 Posts: 22 User Since: 17th Nov, 2010 System Score: N/A Location: N/A |
Hi all, There is a serious IPV6 vulnerability that can not be patched. Links related to this vulnerability: http://seclists.org/dailydave/2011/q2/3 http://tools.ietf.org/html/draft-chown-v6ops-rogue... This vulnerability is not detected by PSI. Windows OS is affected by this vulnerability. I do not know if this vulnerability is a problem for other OS too. |
Post "RE: IPV6 vulnerability" has been selected as an answer.
| mogs | RE: IPV6 vulnerability | ||||||||
|
5th Apr, 2011 17:08 | ||||||||
| Score: 2163 Posts: 5,883 User Since: 22nd Apr 2009 System Score: 100% Location: UK |
Here's some info/explanation just found :- Windows PCs can be compromised by an IPv6 flaw SLAAC attacks possible By Asavin Wattanajantra Tue Apr 05 2011, 12:49 AN INSECURITY RESEARCHER has revealed that IPv6 can enable 'man in the middle attacks' on Windows PCs. Alec Waters of the Infosec Institute showed off a proof of concept attack that targeted Windows 7 systems, but said it could apply in theory to any operating system with IPv6 installed and operational. The attack physically needs rogue hardware, a router that's connected to the victim's IPv4 network that will act as a sort of network parasite. The router will have two interfaces, with the one facing the victim IPv6-capable and the one facing the Internet IPv4-capable. The systems at risk will use the newer IPv6 protocol rather than the older IPv4 protocol. This means that in an IPv4 based network, traffic will flow through the rogue router instead of legitimate routers. It is called a Stateless Address Auto Configuration (SLAAC) attack, named after the process it is taking advantage of. Read more: http://www.theinquirer.net/inquirer/news/2040539/w... The Inquirer -- |
||||||||
|
|||||||||
| Anthony Wells | RE: IPV6 vulnerability | ||||||||
|
|
5th Apr, 2011 17:44 | ||||||||
| Score: 2324 Posts: 3,203 User Since: 19th Dec 2007 System Score: N/A Location: N/A |
Hi , Just to add to the info provided by Mogs , the PSI does not detect/display unpatched programmes , apps or hardware ; this is a deliberate decision as , apparently , it conflicts with certain commercial priorities . The exception to this is your browser(s) and add-ons as detailed in the "secure browsing" module of the PSi . No doubt Secunia will have a Secunia Advisory for the problem when they have completed their research on the vulnerability and it's consequences . Hope that helps . Anthony -- It always seems impossible until its done. Nelson Mandela |
||||||||
|
|||||||||
| p_noot | RE: IPV6 vulnerability | ||||||||
|
|
5th Apr, 2011 23:56 | ||||||||
| Score: 8 Posts: 22 User Since: 17th Nov 2010 System Score: N/A Location: N/A |
Hi Mogs, Anthony, Thanks for the useful info. I understand: 1. If IPv6 is activated you are vulnerable for a man-in-the-middle-attack on every OS, not only on a Windows 7 system. 2. Disabling IPv6 is at best a short term solution, since without IPv6 the grow of the Internet will grind to a halt. 3. IPv6 has a security issue by design. 4. Secunia is working on a advisory about this problem. Meanwhile, the hunt for network parasites and rogue RAs has to be on. |
||||||||
|
|||||||||
