fkie_cve-2008-2476
Vulnerability from fkie_nvd
Published
2008-10-03 15:07
Modified
2025-04-09 00:30
Severity ?
Summary
The IPv6 Neighbor Discovery Protocol (NDP) implementation in (1) FreeBSD 6.3 through 7.1, (2) OpenBSD 4.2 and 4.3, (3) NetBSD, (4) Force10 FTOS before E7.7.1.1, (5) Juniper JUNOS, and (6) Wind River VxWorks 5.x through 6.4 does not validate the origin of Neighbor Discovery messages, which allows remote attackers to cause a denial of service (loss of connectivity) or read private network traffic via a spoofed message that modifies the Forward Information Base (FIB).
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:force10:ftos:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4941A848-A02E-4234-82A3-076AABC94476",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:6.3:*:*:*:*:*:*:*",
"matchCriteriaId": "F702C46F-CA02-4FA2-B7D6-C61C2C095679",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:7.1:*:*:*:*:*:*:*",
"matchCriteriaId": "803EFA9F-B7CB-4511-B1C1-381170CA9A23",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:jnos:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9BD3413A-DD12-4C60-88F4-E2D6C1264319",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B55E4B92-88E0-41F0-AFA7-046A8D34A2CA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:openbsd:openbsd:4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "9DF8DD37-A337-4E9D-A34E-C2D561A24285",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:openbsd:openbsd:4.3:*:*:*:*:*:*:*",
"matchCriteriaId": "F12313A0-1EAF-4652-9AB1-799171CFFEA9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:windriver:vxworks:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DFCBBA4F-BD05-4044-98A0-2825A413D299",
"versionEndIncluding": "6.4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:windriver:vxworks:5:*:*:*:*:*:*:*",
"matchCriteriaId": "F69B80D9-E6A6-4761-9EE3-3EF5E55EFA8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:windriver:vxworks:5.5:*:*:*:*:*:*:*",
"matchCriteriaId": "FE3680A0-7B0C-4E91-97D7-B3F33EE1569A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The IPv6 Neighbor Discovery Protocol (NDP) implementation in (1) FreeBSD 6.3 through 7.1, (2) OpenBSD 4.2 and 4.3, (3) NetBSD, (4) Force10 FTOS before E7.7.1.1, (5) Juniper JUNOS, and (6) Wind River VxWorks 5.x through 6.4 does not validate the origin of Neighbor Discovery messages, which allows remote attackers to cause a denial of service (loss of connectivity) or read private network traffic via a spoofed message that modifies the Forward Information Base (FIB)."
},
{
"lang": "es",
"value": "La implementaci\u00f3n IPv6 Neighbor Discovery Protocol (NDP) en (1) FreeBSD v6.3 hasta v7.1, (2) OpenBSD v4.2 y v4.3, (3) NetBSD, (4) Force10 FTOS versiones anteriores a vE7.7.1.1, (5) Juniper JUNOS, y (6) Wind River VxWorks 5.x hasta v6.4 no valida los mensaje originales de Neighbor Discovery, lo cual permite a atacantes remotos provocar una denegaci\u00f3n de servicio (p\u00e9rdida de conectividad) o leer tr\u00e1fico de red privado a trav\u00e9s de mensajes falsos que modifica la Forward Information Base (FIB)."
}
],
"id": "CVE-2008-2476",
"lastModified": "2025-04-09T00:30:58.490",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2008-10-03T15:07:10.727",
"references": [
{
"source": "cret@cert.org",
"url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2008-013.txt.asc"
},
{
"source": "cret@cert.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/32112"
},
{
"source": "cret@cert.org",
"url": "http://secunia.com/advisories/32116"
},
{
"source": "cret@cert.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/32117"
},
{
"source": "cret@cert.org",
"url": "http://secunia.com/advisories/32133"
},
{
"source": "cret@cert.org",
"url": "http://secunia.com/advisories/32406"
},
{
"source": "cret@cert.org",
"tags": [
"Vendor Advisory"
],
"url": "http://security.freebsd.org/advisories/FreeBSD-SA-08:10.nd6.asc"
},
{
"source": "cret@cert.org",
"url": "http://securitytracker.com/id?1020968"
},
{
"source": "cret@cert.org",
"url": "http://support.apple.com/kb/HT3467"
},
{
"source": "cret@cert.org",
"tags": [
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/472363"
},
{
"source": "cret@cert.org",
"tags": [
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/MAPG-7H2RY7"
},
{
"source": "cret@cert.org",
"tags": [
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/MAPG-7H2S68"
},
{
"source": "cret@cert.org",
"url": "http://www.openbsd.org/errata42.html#015_ndp"
},
{
"source": "cret@cert.org",
"url": "http://www.openbsd.org/errata43.html#006_ndp"
},
{
"source": "cret@cert.org",
"url": "http://www.securityfocus.com/bid/31529"
},
{
"source": "cret@cert.org",
"url": "http://www.securitytracker.com/id?1021109"
},
{
"source": "cret@cert.org",
"url": "http://www.securitytracker.com/id?1021132"
},
{
"source": "cret@cert.org",
"url": "http://www.vupen.com/english/advisories/2008/2750"
},
{
"source": "cret@cert.org",
"url": "http://www.vupen.com/english/advisories/2008/2751"
},
{
"source": "cret@cert.org",
"url": "http://www.vupen.com/english/advisories/2008/2752"
},
{
"source": "cret@cert.org",
"url": "http://www.vupen.com/english/advisories/2009/0633"
},
{
"source": "cret@cert.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45601"
},
{
"source": "cret@cert.org",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5670"
},
{
"source": "cret@cert.org",
"url": "https://www.juniper.net/alerts/viewalert.jsp?actionBtn=Search\u0026txtAlertNumber=PSN-2008-09-036\u0026viewMode=view"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2008-013.txt.asc"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/32112"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/32116"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/32117"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/32133"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/32406"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://security.freebsd.org/advisories/FreeBSD-SA-08:10.nd6.asc"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securitytracker.com/id?1020968"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://support.apple.com/kb/HT3467"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/472363"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/MAPG-7H2RY7"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/MAPG-7H2S68"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.openbsd.org/errata42.html#015_ndp"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.openbsd.org/errata43.html#006_ndp"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/31529"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1021109"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1021132"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2008/2750"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2008/2751"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2008/2752"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2009/0633"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45601"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5670"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://www.juniper.net/alerts/viewalert.jsp?actionBtn=Search\u0026txtAlertNumber=PSN-2008-09-036\u0026viewMode=view"
}
],
"sourceIdentifier": "cret@cert.org",
"vendorComments": [
{
"comment": "Not vulnerable. This issue did not affect the versions of Linux kernel as shipped with Red Hat Enterprise Linux 2.1, 3, 4, 5 or Red Hat Enterprise MRG.",
"lastModified": "2017-09-28T21:31:11.053",
"organization": "Red Hat"
}
],
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…
Loading…