Hurricane Electric's IPv6 Tunnel Broker Forums

General IPv6 Topics => IPv6 on Windows => Topic started by: shader on March 26, 2011, 12:55:41 PM

Title: Serious unpatched IPv6 vulnerability on Windows Machines
Post by: shader on March 26, 2011, 12:55:41 PM
Quote
Win 7 DoS by RA Packets

Executive Summary

This is extremely dangerous! A single device can instantly stop all the Windows machines on a Local Area Network. In my tests, my Windows 7 virtual machine freezes totally and the only way to revive it is shutting the power off--an abnormal shutdown.
Imagine the effect of a single attacker on a small business, Internet coffeehouse, or any other LAN. This works on all Windows machines with IPv6 enabled, which includes Vista, Win 7, Server 2008, and more. Suppose someone writes this into a malicious Web attack, so everyone who views a malicious Web page instantly kills all the machines on their LAN!

As far as I know, this attack will not traverse routers, so it "only" affects your local broadcast domain. But isn't that enough to deserve a security alert and a patch? Apparently not.

More at, http://samsclass.info/ipv6/proj/flood-router6a.htm (http://samsclass.info/ipv6/proj/flood-router6a.htm)
Title: Re: Serious unpatched IPv6 vulnerability on Windows Machines
Post by: cconn on March 26, 2011, 01:41:31 PM
hard to patch something that is behaving "properly"...unless the "patch" they are asking for is that the device doesn't crash.  It is still going to configure umpteen prefixes for local use.  What would be more interesting instead of crashing boxes a-la winnuke of the old days is to trick a host into using a prefix locally and hijacking traffic, stealing info etc etc.