CVE-2008-2476

NONECVSS 0.0

0.0

The IPv6 Neighbor Discovery Protocol (NDP) implementation in (1) FreeBSD 6.3 through 7.1, (2) OpenBSD 4.2 and 4.3, (3) NetBSD, (4) Force10 FTOS before E7.7.1.1, (5) Juniper JUNOS, and (6) Wind River VxWorks 5.x through 6.4 does not validate the origin of Neighbor Discovery messages, which allows remote attackers to cause a denial of service (loss of connectivity) or read private network traffic via a spoofed message that modifies the Forward Information Base (FIB).

🔗 References (48)

cret@certftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2008-013.txt.asc
cret@certhttp://secunia.com/advisories/32112
cret@certhttp://secunia.com/advisories/32116
cret@certhttp://secunia.com/advisories/32117
cret@certhttp://secunia.com/advisories/32133
cret@certhttp://secunia.com/advisories/32406
cret@certhttp://security.freebsd.org/advisories/FreeBSD-SA-08:10.nd6.asc
cret@certhttp://securitytracker.com/id?1020968
cret@certhttp://support.apple.com/kb/HT3467
cret@certhttp://www.kb.cert.org/vuls/id/472363
cret@certhttp://www.kb.cert.org/vuls/id/MAPG-7H2RY7
cret@certhttp://www.kb.cert.org/vuls/id/MAPG-7H2S68
cret@certhttp://www.openbsd.org/errata42.html#015_ndp
cret@certhttp://www.openbsd.org/errata43.html#006_ndp
cret@certhttp://www.securityfocus.com/bid/31529

Is Your Infrastructure Affected by CVE-2008-2476?

EchelonGraph automatically scans your cloud infrastructure and maps CVE exposure using blast radius analysis.

Start Free Scan →Browse All CVEs

CVE-2008-2476

📅 Published

🔄 Last Modified

🔗 References (48)

Dependency Blast Radius

Is Your Infrastructure Affected by CVE-2008-2476?