VU#472363: IPv6 routing table vulnerability

Vulnerability Note VU#472363 IPv6 routing table vulnerability OverviewA vulnerability in some implementations of the IPv6 Neighbor Discovery Protocol may allow a nearby attacker to intercept traffic or cause congested links to become overloaded. I. DescriptionIPv6 networks use the Neighbor Discovery Protocol (ndp) to detect and locate routers and other on-link IPv6 nodes. ndp uses ICMPv6 types 133, 134, 135, and 136. Neighbor solicitation (type 135) messages are used by ndp to discover and determine the reachability of nearby IPv6 nodes. Nodes that can send each other ndp messages are considered to be on-link (as per RFC 4861). After receiving a neighbor solicitation request from a system that is considered on-link and is using a spoofed IPv6 address as the source address, a router will create a neighbor cache entry. When... [read full story]