The IPv6 Neighbor Discovery Protocol (NDP) implementation in (1) FreeBSD 6.3 up to and including 7.1, (2) OpenBSD 4.2 and 4.3, (3) NetBSD, (4) Force10 FTOS before E7.7.1.1, (5) Juniper JUNOS, and (6) Wind River VxWorks 5.x up to and including 6.4 does not validate the origin of Neighbor Discovery messages, which allows remote malicious users to cause a denial of service (loss of connectivity) or read private network traffic via a spoofed message that modifies the Forward Information Base (FIB).
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
freebsd freebsd 6.3 |
||
freebsd freebsd 7.1 |
||
windriver vxworks 5.5 |
||
windriver vxworks 5 |
||
netbsd netbsd |
||
force10 ftos |
||
juniper jnos |
||
windriver vxworks |
||
openbsd openbsd 4.3 |
||
openbsd openbsd 4.2 |