The IPv6 Neighbor Discovery Protocol (NDP) implementation in (1) FreeBSD 6.3 up to and including 7.1, (2) OpenBSD 4.2 and 4.3, (3) NetBSD, (4) Force10 FTOS before E7.7.1.1, (5) Juniper JUNOS, and (6) Wind River VxWorks 5.x up to and including 6.4 does not validate the origin of Neighbor Discovery messages, which allows remote malicious users to cause a denial of service (loss of connectivity) or read private network traffic via a spoofed message that modifies the Forward Information Base (FIB).
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
force10 ftos |
||
freebsd freebsd 6.3 |
||
windriver vxworks 5 |
||
netbsd netbsd |
||
juniper jnos |
||
openbsd openbsd 4.2 |
||
windriver vxworks 5.5 |
||
freebsd freebsd 7.1 |
||
openbsd openbsd 4.3 |
||
windriver vxworks |