CVE-2008-2476
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
The IPv6 Neighbor Discovery Protocol (NDP) implementation in (1) FreeBSD 6.3 through 7.1, (2) OpenBSD 4.2 and 4.3, (3) NetBSD, (4) Force10 FTOS before E7.7.1.1, (5) Juniper JUNOS, and (6) Wind River VxWorks 5.x through 6.4 does not validate the origin of Neighbor Discovery messages, which allows remote attackers to cause a denial of service (loss of connectivity) or read private network traffic via a spoofed message that modifies the Forward Information Base (FIB).
La implementación IPv6 Neighbor Discovery Protocol (NDP) en (1) FreeBSD v6.3 hasta v7.1, (2) OpenBSD v4.2 y v4.3, (3) NetBSD, (4) Force10 FTOS versiones anteriores a vE7.7.1.1, (5) Juniper JUNOS, y (6) Wind River VxWorks 5.x hasta v6.4 no valida los mensaje originales de Neighbor Discovery, lo cual permite a atacantes remotos provocar una denegación de servicio (pérdida de conectividad) o leer tráfico de red privado a través de mensajes falsos que modifica la Forward Information Base (FIB).
CVSS Scores
SSVC
- Decision:-
Timeline
- 2008-05-28 CVE Reserved
- 2008-10-02 CVE Published
- 2023-03-07 EPSS Updated
- 2024-08-07 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-20: Improper Input Validation
CAPEC
References (24)
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2008-013.txt.asc | 2017-09-29 | |
| http://secunia.com/advisories/32112 | 2017-09-29 | |
| http://secunia.com/advisories/32117 | 2017-09-29 | |
| http://security.freebsd.org/advisories/FreeBSD-SA-08:10.nd6.asc | 2017-09-29 | |
| http://www.openbsd.org/errata42.html#015_ndp | 2017-09-29 | |
| http://www.openbsd.org/errata43.html#006_ndp | 2017-09-29 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Force10 Search vendor "Force10" | Ftos Search vendor "Force10" for product "Ftos" | * | - |
Affected
| ||||||
| Freebsd Search vendor "Freebsd" | Freebsd Search vendor "Freebsd" for product "Freebsd" | 6.3 Search vendor "Freebsd" for product "Freebsd" and version "6.3" | - |
Affected
| ||||||
| Freebsd Search vendor "Freebsd" | Freebsd Search vendor "Freebsd" for product "Freebsd" | 7.1 Search vendor "Freebsd" for product "Freebsd" and version "7.1" | - |
Affected
| ||||||
| Juniper Search vendor "Juniper" | Jnos Search vendor "Juniper" for product "Jnos" | * | - |
Affected
| ||||||
| Netbsd Search vendor "Netbsd" | Netbsd Search vendor "Netbsd" for product "Netbsd" | * | - |
Affected
| ||||||
| Openbsd Search vendor "Openbsd" | Openbsd Search vendor "Openbsd" for product "Openbsd" | 4.2 Search vendor "Openbsd" for product "Openbsd" and version "4.2" | - |
Affected
| ||||||
| Openbsd Search vendor "Openbsd" | Openbsd Search vendor "Openbsd" for product "Openbsd" | 4.3 Search vendor "Openbsd" for product "Openbsd" and version "4.3" | - |
Affected
| ||||||
| Windriver Search vendor "Windriver" | Vxworks Search vendor "Windriver" for product "Vxworks" | <= 6.4 Search vendor "Windriver" for product "Vxworks" and version " <= 6.4" | - |
Affected
| ||||||
| Windriver Search vendor "Windriver" | Vxworks Search vendor "Windriver" for product "Vxworks" | 5 Search vendor "Windriver" for product "Vxworks" and version "5" | - |
Affected
| ||||||
| Windriver Search vendor "Windriver" | Vxworks Search vendor "Windriver" for product "Vxworks" | 5.5 Search vendor "Windriver" for product "Vxworks" and version "5.5" | - |
Affected
| ||||||