IPv6 Type 0 Route Header Design Flaw

Previous Topic Next Topic
 
classic Classic list List threaded Threaded
1 message Options
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

IPv6 Type 0 Route Header Design Flaw

Marc Balmer
IPv6 type 0 route headers can be used to mount a DoS attack against
hosts and networks.  This is a design flaw in IPv6 and not a bug in
OpenBSD.

This problem has been fixed in the OpenBSD CVS repository in the
-current and -stable branches.  The -current snapshots of OpenBSD
contain these fixes as well.

It is recommended that users of OpenBSD update their kernel asap
using cvs or manually apply the source code patches listed below.

A source code patch for OpenBSD 4.0-stable can be downloaded from
ftp://ftp.openbsd.org/pub/OpenBSD/patches/4.0/common/012_route6.patch.

A source code patch for OpenBSD 3.9-stable can be downloaded from
ftp://ftp.openbsd.org/pub/OpenBSD/patches/3.9/common/022_route6.patch.

Loading...