CVE-2008-2476
Published Oct 3, 2008
Last updated 7 years ago
Overview
- Description
- The IPv6 Neighbor Discovery Protocol (NDP) implementation in (1) FreeBSD 6.3 through 7.1, (2) OpenBSD 4.2 and 4.3, (3) NetBSD, (4) Force10 FTOS before E7.7.1.1, (5) Juniper JUNOS, and (6) Wind River VxWorks 5.x through 6.4 does not validate the origin of Neighbor Discovery messages, which allows remote attackers to cause a denial of service (loss of connectivity) or read private network traffic via a spoofed message that modifies the Forward Information Base (FIB).
- Source
- cret@cert.org
- NVD status
- Modified
Social media
- Hype score
- Not currently trending
Risk scores
CVSS 2.0
- Type
- Primary
- Base score
- 9.3
- Impact score
- 10
- Exploitability score
- 8.6
- Vector string
- AV:N/AC:M/Au:N/C:C/I:C/A:C
Weaknesses
- nvd@nist.gov
- CWE-20
Vendor comments
- Red HatNot vulnerable. This issue did not affect the versions of Linux kernel as shipped with Red Hat Enterprise Linux 2.1, 3, 4, 5 or Red Hat Enterprise MRG.
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:force10:ftos:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "4941A848-A02E-4234-82A3-076AABC94476"
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:6.3:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "F702C46F-CA02-4FA2-B7D6-C61C2C095679"
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:7.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "803EFA9F-B7CB-4511-B1C1-381170CA9A23"
},
{
"criteria": "cpe:2.3:o:juniper:jnos:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "9BD3413A-DD12-4C60-88F4-E2D6C1264319"
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "B55E4B92-88E0-41F0-AFA7-046A8D34A2CA"
},
{
"criteria": "cpe:2.3:o:openbsd:openbsd:4.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "9DF8DD37-A337-4E9D-A34E-C2D561A24285"
},
{
"criteria": "cpe:2.3:o:openbsd:openbsd:4.3:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "F12313A0-1EAF-4652-9AB1-799171CFFEA9"
},
{
"criteria": "cpe:2.3:o:windriver:vxworks:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "DFCBBA4F-BD05-4044-98A0-2825A413D299",
"versionEndIncluding": "6.4"
},
{
"criteria": "cpe:2.3:o:windriver:vxworks:5:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "F69B80D9-E6A6-4761-9EE3-3EF5E55EFA8B"
},
{
"criteria": "cpe:2.3:o:windriver:vxworks:5.5:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "FE3680A0-7B0C-4E91-97D7-B3F33EE1569A"
}
],
"operator": "OR"
}
]
}
]