[Fwd: IPv6 Type 0 Route Header Design Flaw]
Apropos the recent discussions about IPv6: -------- Original Message -------- Subject: IPv6 Type 0 Route Header Design Flaw Date: Mon, 23 Apr 2007 20:09:19 +0200 From: Marc Balmer <mbalmer(a)openbsd.org> Organization: The OpenBSD Project To: security-announce(a)openbsd.org IPv6 type 0 route headers can be used to mount a DoS attack against hosts and networks. This is a design flaw in IPv6 and not a bug in OpenBSD. This problem has been fixed in the OpenBSD CVS repository in the -current and -stable branches. The -current snapshots of OpenBSD contain these fixes as well. It is recommended that users of OpenBSD update their kernel asap using cvs or manually apply the source code patches listed below. A source code patch for OpenBSD 4.0-stable can be downloaded from ftp://ftp.openbsd.org/pub/OpenBSD/patches/4.0/common/012_route6.patch. A source code patch for OpenBSD 3.9-stable can be downloaded from ftp://ftp.openbsd.org/pub/OpenBSD/patches/3.9/common/022_route6.patch. -- Juha Saarinen * Quidquid latine dictum sit, altum videtur * www.geekzone.co.nz/juha
On 23-Apr-2007, at 20:38, Juha Saarinen wrote:
Apropos the recent discussions about IPv6:
Here's a link to the presentation from cansecwest. It's a good read. Joe Begin forwarded message:
From: Nicolas FISCHBACH <nicolist(a)securite.org> Date: 23 April 2007 16:07:57 GMT+01:00 To: dns-operations(a)mail.oarc.isc.org Subject: [dns-operations] IPv6 Type 0 Routing Header issues
Very interesting presentation by Arnaud and Phil:
http://www.secdev.org/conf/IPv6_RH_security-csw07.pdf
If you only care about the DNS related bits, start on page 29.
Nico. -- Nicolas FISCHBACH Senior Manager - Network Engineering/Security - COLT Telecom e:(nico(a)securite.org) w:<http://www.securite.org/nico/> _______________________________________________ dns-operations mailing list dns-operations(a)lists.oarci.net http://lists.oarci.net/mailman/listinfo/dns-operations
participants (2)
-
Joe Abley -
Juha Saarinen