Apropos the recent discussions about IPv6:
-------- Original Message --------
Subject: IPv6 Type 0 Route Header Design Flaw
Date: Mon, 23 Apr 2007 20:09:19 +0200
From: Marc Balmer
Organization: The OpenBSD Project
To: security-announce(a)openbsd.org
IPv6 type 0 route headers can be used to mount a DoS attack against
hosts and networks. This is a design flaw in IPv6 and not a bug in
OpenBSD.
This problem has been fixed in the OpenBSD CVS repository in the
-current and -stable branches. The -current snapshots of OpenBSD
contain these fixes as well.
It is recommended that users of OpenBSD update their kernel asap
using cvs or manually apply the source code patches listed below.
A source code patch for OpenBSD 4.0-stable can be downloaded from
ftp://ftp.openbsd.org/pub/OpenBSD/patches/4.0/common/012_route6.patch.
A source code patch for OpenBSD 3.9-stable can be downloaded from
ftp://ftp.openbsd.org/pub/OpenBSD/patches/3.9/common/022_route6.patch.
--
Juha Saarinen
* Quidquid latine dictum sit, altum videtur *
www.geekzone.co.nz/juha
