Hurricane Electric's IPv6 Tunnel Broker Forums

Advanced search  

News:

Welcome to Hurricane Electric's Tunnelbroker.net forums!

Author Topic: Serious unpatched IPv6 vulnerability on Windows Machines  (Read 3161 times)

shader

  • Newbie
  • *
  • Posts: 3
  • ._.
Serious unpatched IPv6 vulnerability on Windows Machines
« on: March 26, 2011, 12:55:41 PM »

Quote
Win 7 DoS by RA Packets

Executive Summary

This is extremely dangerous! A single device can instantly stop all the Windows machines on a Local Area Network. In my tests, my Windows 7 virtual machine freezes totally and the only way to revive it is shutting the power off--an abnormal shutdown.
Imagine the effect of a single attacker on a small business, Internet coffeehouse, or any other LAN. This works on all Windows machines with IPv6 enabled, which includes Vista, Win 7, Server 2008, and more. Suppose someone writes this into a malicious Web attack, so everyone who views a malicious Web page instantly kills all the machines on their LAN!

As far as I know, this attack will not traverse routers, so it "only" affects your local broadcast domain. But isn't that enough to deserve a security alert and a patch? Apparently not.

More at, http://samsclass.info/ipv6/proj/flood-router6a.htm
Logged

cconn

  • Full Member
  • ***
  • Posts: 128
Re: Serious unpatched IPv6 vulnerability on Windows Machines
« Reply #1 on: March 26, 2011, 01:41:31 PM »

hard to patch something that is behaving "properly"...unless the "patch" they are asking for is that the device doesn't crash.  It is still going to configure umpteen prefixes for local use.  What would be more interesting instead of crashing boxes a-la winnuke of the old days is to trick a host into using a prefix locally and hijacking traffic, stealing info etc etc.

Logged