| Vulnerability Name: | CVE-2008-2476 (CCN-45601) |
| Assigned: | 2008-10-02 |
| Published: | 2008-10-02 |
| Updated: | 2017-09-29 |
| Summary: | The IPv6 Neighbor Discovery Protocol (NDP) implementation in (1) FreeBSD 6.3 through 7.1, (2) OpenBSD 4.2 and 4.3, (3) NetBSD, (4) Force10 FTOS before E7.7.1.1, (5) Juniper JUNOS, and (6) Wind River VxWorks 5.x through 6.4 does not validate the origin of Neighbor Discovery messages, which allows remote attackers to cause a denial of service (loss of connectivity) or read private network traffic via a spoofed message that modifies the Forward Information Base (FIB).
|
| CVSS v3 Severity: | 6.5 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L)| Exploitability Metrics: | Attack Vector (AV): Network
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): None | | Scope: | Scope (S): Unchanged
| | Impact Metrics: | Confidentiality (C): Low
Integrity (I): None
Availibility (A): Low |
|
| CVSS v2 Severity: | 9.3 High (CVSS v2 Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C)
6.9 Medium (Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C/E:U/RL:OF/RC:C)| Exploitability Metrics: | Access Vector (AV): Network
Access Complexity (AC): Medium
Authentication (Au): None | | Impact Metrics: | Confidentiality (C): Complete
Integrity (I): Complete
Availibility (A): Complete |
6.4 Medium (CCN CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:N/A:P)
4.7 Medium (CCN Temporal CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:N/A:P/E:U/RL:OF/RC:C)| Exploitability Metrics: | Access Vector (AV): Network
Access Complexity (AC): Low
Athentication (Au): None
| | Impact Metrics: | Confidentiality (C): Partial
Integrity (I): None
Availibility (A): Partial |
|
| Vulnerability Type: | CWE-20
|
| Vulnerability Consequences: | Denial of Service |
| References: | Source: CCN
Type: NetBSD Security Advisory 2008-013
IPv6 Neighbor Discovery Protocol
Source: NETBSD
Type: UNKNOWN
NetBSD-SA2008-013
Source: MITRE
Type: CNA
CVE-2008-2476
Source: MITRE
Type: CNA
CVE-2008-4404
Source: MITRE
Type: CNA
CVE-2009-0418
Source: CCN
Type: HP Security Bulletin HPSBUX02407 SSRT080107 rev.1
HP-UX Running IPv6, Remote Denial of Service (DoS) and Unauthorized Access
Source: CCN
Type: SA32112
FreeBSD IPv6 Neighbor Discovery Protocol Neighbor Solicitation Vulnerability
Source: SECUNIA
Type: Vendor Advisory
32112
Source: CCN
Type: SA32116
Juniper Products Neighbor Discovery Protocol Neighbor Solicitation Vulnerability
Source: SECUNIA
Type: UNKNOWN
32116
Source: CCN
Type: SA32117
Force10 FTOS Routers IPv6 Neighbor Discovery Protocol Vulnerability
Source: SECUNIA
Type: Vendor Advisory
32117
Source: CCN
Type: SA32133
OpenBSD IPv6 Neighbor Discovery Protocol Neighbor Solicitation Vulnerability
Source: SECUNIA
Type: UNKNOWN
32133
Source: CCN
Type: SA32406
NetBSD IPv6 Neighbor Discovery Protocol Neighbor Solicitation Vulnerability
Source: SECUNIA
Type: UNKNOWN
32406
Source: CCN
Type: SA33787
HP-UX IPv6 Neighbor Discovery Protocol Neighbor Solicitation Vulnerability
Source: CCN
Type: SA34105
Apple Airport Extreme / Time Capsule Multiple Vulnerabilities
Source: CCN
Type: FreeBSD-SA-08:10.nd6
IPv6 Neighbor Discovery Protocol routing vulnerability
Source: FREEBSD
Type: Vendor Advisory
FreeBSD-SA-08:10
Source: CCN
Type: SECTRACK ID: 1020968
FreeBSD IPv6 Neighbor Discovery Protocol Spoofing Bug Lets Remote Users Modify Routing Data in Certain Cases
Source: SECTRACK
Type: UNKNOWN
1020968
Source: CCN
Type: SECTRACK ID: 1021109
NetBSD IPv6 Neighbor Discovery Protocol Spoofing Bug Lets Remote Users Modify Routing Data in Certain Cases
Source: CCN
Type: SECTRACK ID: 1021132
OpenBSD IPv6 Neighbor Discovery Protocol Spoofing Bug Lets Remote Users Modify Routing Data in Certain Cases
Source: CCN
Type: SECTRACK ID: 1021660
HP-UX IPv6 Neighbor Discovery Protocol Spoofing Bug Lets Remote Users Modify Routing Data in Certain Cases
Source: CCN
Type: Apple Web site
About the security content of Time Capsule and AirPort Base Station (802.11n*) Firmware 7.4.1
Source: CONFIRM
Type: UNKNOWN
http://support.apple.com/kb/HT3467
Source: CCN
Type: ASA-2009-059
HP-UX Running IPv6 Remote Denial of Service (DoS) and Unauthorized Access (HPSBUX02407)
Source: CCN
Type: Wind River Web site
Wind River Support
Source: CCN
Type: Force10 Networks Web site
Force10 Networks
Source: CCN
Type: FreeBSD Web site
The FreeBSD Project
Source: CCN
Type: US-CERT VU#472363
IPv6 implementations insecurely update Forwarding Information Base
Source: CERT-VN
Type: US Government Resource
VU#472363
Source: CCN
Type: US-CERT Advisory, 2008-09-30
Force10 Networks, Inc. Information for VU#472363
Source: CONFIRM
Type: US Government Resource
http://www.kb.cert.org/vuls/id/MAPG-7H2RY7
Source: CONFIRM
Type: US Government Resource
http://www.kb.cert.org/vuls/id/MAPG-7H2S68
Source: OPENBSD
Type: UNKNOWN
[4.2] 015: SECURITY FIX: October 2, 2008
Source: OPENBSD
Type: UNKNOWN
[4.3] 006: SECURITY FIX: October 2, 2008
Source: CCN
Type: OSVDB ID: 48702
FreeBSD IPv6 Neighbor Discovery Protocol Neighbor Solicitation Spoofing
Source: CCN
Type: OSVDB ID: 48744
OpenBSD IPv6 Neighbor Discovery Protocol Neighbor Solicitation Spoofing
Source: CCN
Type: OSVDB ID: 48745
Force10 FTOS Routers IPv6 Neighbor Discovery Protocol Neighbor Solicitation Spoofing
Source: CCN
Type: OSVDB ID: 48989
Juniper Multiple Products IPv6 Neighbor Discovery Protocol Neighbor Solicitation Spoofing
Source: CCN
Type: OSVDB ID: 48991
IBM zSeries IPv6 Neighbor Discovery Protocol Neighbor Solicitation Spoofing
Source: CCN
Type: OSVDB ID: 49407
NetBSD IPv6 Neighbor Discovery Protocol Neighbor Solicitation Spoofing
Source: CCN
Type: OSVDB ID: 51771
HP-UX IPv6 Neighbor Discovery Protocol Neighbor Solicitation Spoofing
Source: CCN
Type: OSVDB ID: 52494
Apple Multiple Products IPv6 Neighbor Discovery Protocol Neighbor Solicitation Spoofing
Source: BID
Type: UNKNOWN
31529
Source: CCN
Type: BID-31529
Multiple Vendors IPv6 Neighbor Discovery Protocol Implementation Address Spoofing Vulnerability
Source: CCN
Type: BID-33560
Novell GroupWise Internet Agent SMTP RCPT Command Remote Buffer Overflow Vulnerability
Source: SECTRACK
Type: UNKNOWN
1021109
Source: SECTRACK
Type: UNKNOWN
1021132
Source: VUPEN
Type: UNKNOWN
ADV-2008-2750
Source: VUPEN
Type: UNKNOWN
ADV-2008-2751
Source: VUPEN
Type: UNKNOWN
ADV-2008-2752
Source: VUPEN
Type: UNKNOWN
ADV-2009-0633
Source: XF
Type: UNKNOWN
multiple-vendor-ndp-dos(45601)
Source: XF
Type: UNKNOWN
multiple-vendors-ndp-dos(45601)
Source: OVAL
Type: UNKNOWN
oval:org.mitre.oval:def:5670
Source: MISC
Type: UNKNOWN
https://www.juniper.net/alerts/viewalert.jsp?actionBtn=Search&txtAlertNumber=PSN-2008-09-036&viewMode=view
Source: CCN
Type: Juniper Networks Web site
Juniper Networks :: Login
|
| Vulnerable Configuration: | Configuration 1:
cpe:/o:force10:ftos:*:*:*:*:*:*:*:*OR cpe:/o:freebsd:freebsd:6.3:-:*:*:*:*:*:*OR cpe:/o:freebsd:freebsd:7.1:-:*:*:*:*:*:*OR cpe:/o:juniper:jnos:*:*:*:*:*:*:*:*OR cpe:/o:netbsd:netbsd:*:*:*:*:*:*:*:*OR cpe:/o:openbsd:openbsd:4.2:*:*:*:*:*:*:*OR cpe:/o:openbsd:openbsd:4.3:*:*:*:*:*:*:*OR cpe:/o:windriver:vxworks:5:*:*:*:*:*:*:*OR cpe:/o:windriver:vxworks:5.5:*:*:*:*:*:*:*OR cpe:/o:windriver:vxworks:*:*:*:*:*:*:*:* (Version <= 6.4)
Configuration CCN 1:
cpe:/o:hp:hp-ux:b.11.11:*:*:*:*:*:*:*OR cpe:/o:hp:hp-ux:b.11.23:*:*:*:*:*:*:*OR cpe:/o:freebsd:freebsd:6.0:-:*:*:*:*:*:*OR cpe:/o:netbsd:netbsd:3.0:*:*:*:*:*:*:*OR cpe:/o:netbsd:netbsd:3.1:*:*:*:*:*:*:*OR cpe:/o:hp:hp-ux:b.11.31:*:*:*:*:*:*:*OR cpe:/o:freebsd:freebsd:6.3:-:*:*:*:*:*:*OR cpe:/o:freebsd:freebsd:7.0:-:*:*:*:*:*:*OR cpe:/o:netbsd:netbsd:4.0:*:*:*:*:*:*:*OR cpe:/a:apple:apple_airport_extreme_base_station:::7.3.1_firmware:*:*:*:*:*OR cpe:/o:freebsd:freebsd:6.4:-:*:*:*:*:*:*OR cpe:/o:force10:ftos:*:*:*:*:*:*:*:*OR cpe:/o:ibm:zseries:*:*:*:*:*:*:*:*OR cpe:/o:juniper:jnos:*:*:*:*:*:*:*:*OR cpe:/h:apple:airport_express_base_station_firmware:3.84:*:*:*:*:*:*:*
 Denotes that component is vulnerable |
| Oval Definitions |
| Definition ID | Class | Title | Last Modified |
|---|
| oval:org.mitre.oval:def:5670 | V | HP-UX Running IPv6, Remote Denial of Service (DoS) and Unauthorized Access | 2015-04-20 |
|
| BACK |