FKIE_CVE-2008-2476

Vulnerability from fkie_nvd - Published: 2008-10-03 15:07 - Updated: 2025-04-09 00:30
Severity ?
Summary
The IPv6 Neighbor Discovery Protocol (NDP) implementation in (1) FreeBSD 6.3 through 7.1, (2) OpenBSD 4.2 and 4.3, (3) NetBSD, (4) Force10 FTOS before E7.7.1.1, (5) Juniper JUNOS, and (6) Wind River VxWorks 5.x through 6.4 does not validate the origin of Neighbor Discovery messages, which allows remote attackers to cause a denial of service (loss of connectivity) or read private network traffic via a spoofed message that modifies the Forward Information Base (FIB).
References
cret@cert.orgftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2008-013.txt.asc
cret@cert.orghttp://secunia.com/advisories/32112Vendor Advisory
cret@cert.orghttp://secunia.com/advisories/32116
cret@cert.orghttp://secunia.com/advisories/32117Vendor Advisory
cret@cert.orghttp://secunia.com/advisories/32133
cret@cert.orghttp://secunia.com/advisories/32406
cret@cert.orghttp://security.freebsd.org/advisories/FreeBSD-SA-08:10.nd6.ascVendor Advisory
cret@cert.orghttp://securitytracker.com/id?1020968
cret@cert.orghttp://support.apple.com/kb/HT3467
cret@cert.orghttp://www.kb.cert.org/vuls/id/472363US Government Resource
cret@cert.orghttp://www.kb.cert.org/vuls/id/MAPG-7H2RY7US Government Resource
cret@cert.orghttp://www.kb.cert.org/vuls/id/MAPG-7H2S68US Government Resource
cret@cert.orghttp://www.openbsd.org/errata42.html#015_ndp
cret@cert.orghttp://www.openbsd.org/errata43.html#006_ndp
cret@cert.orghttp://www.securityfocus.com/bid/31529
cret@cert.orghttp://www.securitytracker.com/id?1021109
cret@cert.orghttp://www.securitytracker.com/id?1021132
cret@cert.orghttp://www.vupen.com/english/advisories/2008/2750
cret@cert.orghttp://www.vupen.com/english/advisories/2008/2751
cret@cert.orghttp://www.vupen.com/english/advisories/2008/2752
cret@cert.orghttp://www.vupen.com/english/advisories/2009/0633
cret@cert.orghttps://exchange.xforce.ibmcloud.com/vulnerabilities/45601
cret@cert.orghttps://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5670
cret@cert.orghttps://www.juniper.net/alerts/viewalert.jsp?actionBtn=Search&txtAlertNumber=PSN-2008-09-036&viewMode=view
af854a3a-2127-422b-91ae-364da2661108ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2008-013.txt.asc
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/32112Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/32116
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/32117Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/32133
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/32406
af854a3a-2127-422b-91ae-364da2661108http://security.freebsd.org/advisories/FreeBSD-SA-08:10.nd6.ascVendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://securitytracker.com/id?1020968
af854a3a-2127-422b-91ae-364da2661108http://support.apple.com/kb/HT3467
af854a3a-2127-422b-91ae-364da2661108http://www.kb.cert.org/vuls/id/472363US Government Resource
af854a3a-2127-422b-91ae-364da2661108http://www.kb.cert.org/vuls/id/MAPG-7H2RY7US Government Resource
af854a3a-2127-422b-91ae-364da2661108http://www.kb.cert.org/vuls/id/MAPG-7H2S68US Government Resource
af854a3a-2127-422b-91ae-364da2661108http://www.openbsd.org/errata42.html#015_ndp
af854a3a-2127-422b-91ae-364da2661108http://www.openbsd.org/errata43.html#006_ndp
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/31529
af854a3a-2127-422b-91ae-364da2661108http://www.securitytracker.com/id?1021109
af854a3a-2127-422b-91ae-364da2661108http://www.securitytracker.com/id?1021132
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2008/2750
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2008/2751
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2008/2752
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2009/0633
af854a3a-2127-422b-91ae-364da2661108https://exchange.xforce.ibmcloud.com/vulnerabilities/45601
af854a3a-2127-422b-91ae-364da2661108https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5670
af854a3a-2127-422b-91ae-364da2661108https://www.juniper.net/alerts/viewalert.jsp?actionBtn=Search&txtAlertNumber=PSN-2008-09-036&viewMode=view
Impacted products
Vendor Product Version
force10 ftos *
freebsd freebsd 6.3
freebsd freebsd 7.1
juniper jnos *
netbsd netbsd *
openbsd openbsd 4.2
openbsd openbsd 4.3
windriver vxworks *
windriver vxworks 5
windriver vxworks 5.5
To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:force10:ftos:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "4941A848-A02E-4234-82A3-076AABC94476",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:freebsd:freebsd:6.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "F702C46F-CA02-4FA2-B7D6-C61C2C095679",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:freebsd:freebsd:7.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "803EFA9F-B7CB-4511-B1C1-381170CA9A23",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:jnos:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "9BD3413A-DD12-4C60-88F4-E2D6C1264319",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:netbsd:netbsd:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "B55E4B92-88E0-41F0-AFA7-046A8D34A2CA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:openbsd:openbsd:4.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "9DF8DD37-A337-4E9D-A34E-C2D561A24285",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:openbsd:openbsd:4.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "F12313A0-1EAF-4652-9AB1-799171CFFEA9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:windriver:vxworks:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "DFCBBA4F-BD05-4044-98A0-2825A413D299",
              "versionEndIncluding": "6.4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:windriver:vxworks:5:*:*:*:*:*:*:*",
              "matchCriteriaId": "F69B80D9-E6A6-4761-9EE3-3EF5E55EFA8B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:windriver:vxworks:5.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "FE3680A0-7B0C-4E91-97D7-B3F33EE1569A",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "The IPv6 Neighbor Discovery Protocol (NDP) implementation in (1) FreeBSD 6.3 through 7.1, (2) OpenBSD 4.2 and 4.3, (3) NetBSD, (4) Force10 FTOS before E7.7.1.1, (5) Juniper JUNOS, and (6) Wind River VxWorks 5.x through 6.4 does not validate the origin of Neighbor Discovery messages, which allows remote attackers to cause a denial of service (loss of connectivity) or read private network traffic via a spoofed message that modifies the Forward Information Base (FIB)."
    },
    {
      "lang": "es",
      "value": "La implementaci\u00f3n IPv6 Neighbor Discovery Protocol (NDP) en (1) FreeBSD v6.3 hasta v7.1, (2) OpenBSD v4.2 y v4.3, (3) NetBSD, (4) Force10 FTOS versiones anteriores a vE7.7.1.1, (5) Juniper JUNOS, y (6) Wind River VxWorks 5.x hasta v6.4 no valida los mensaje originales de Neighbor Discovery, lo cual permite a atacantes remotos provocar una denegaci\u00f3n de servicio (p\u00e9rdida de conectividad) o leer tr\u00e1fico de red privado a trav\u00e9s de mensajes falsos que modifica la Forward Information Base (FIB)."
    }
  ],
  "id": "CVE-2008-2476",
  "lastModified": "2025-04-09T00:30:58.490",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 9.3,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 10.0,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2008-10-03T15:07:10.727",
  "references": [
    {
      "source": "cret@cert.org",
      "url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2008-013.txt.asc"
    },
    {
      "source": "cret@cert.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/32112"
    },
    {
      "source": "cret@cert.org",
      "url": "http://secunia.com/advisories/32116"
    },
    {
      "source": "cret@cert.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/32117"
    },
    {
      "source": "cret@cert.org",
      "url": "http://secunia.com/advisories/32133"
    },
    {
      "source": "cret@cert.org",
      "url": "http://secunia.com/advisories/32406"
    },
    {
      "source": "cret@cert.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://security.freebsd.org/advisories/FreeBSD-SA-08:10.nd6.asc"
    },
    {
      "source": "cret@cert.org",
      "url": "http://securitytracker.com/id?1020968"
    },
    {
      "source": "cret@cert.org",
      "url": "http://support.apple.com/kb/HT3467"
    },
    {
      "source": "cret@cert.org",
      "tags": [
        "US Government Resource"
      ],
      "url": "http://www.kb.cert.org/vuls/id/472363"
    },
    {
      "source": "cret@cert.org",
      "tags": [
        "US Government Resource"
      ],
      "url": "http://www.kb.cert.org/vuls/id/MAPG-7H2RY7"
    },
    {
      "source": "cret@cert.org",
      "tags": [
        "US Government Resource"
      ],
      "url": "http://www.kb.cert.org/vuls/id/MAPG-7H2S68"
    },
    {
      "source": "cret@cert.org",
      "url": "http://www.openbsd.org/errata42.html#015_ndp"
    },
    {
      "source": "cret@cert.org",
      "url": "http://www.openbsd.org/errata43.html#006_ndp"
    },
    {
      "source": "cret@cert.org",
      "url": "http://www.securityfocus.com/bid/31529"
    },
    {
      "source": "cret@cert.org",
      "url": "http://www.securitytracker.com/id?1021109"
    },
    {
      "source": "cret@cert.org",
      "url": "http://www.securitytracker.com/id?1021132"
    },
    {
      "source": "cret@cert.org",
      "url": "http://www.vupen.com/english/advisories/2008/2750"
    },
    {
      "source": "cret@cert.org",
      "url": "http://www.vupen.com/english/advisories/2008/2751"
    },
    {
      "source": "cret@cert.org",
      "url": "http://www.vupen.com/english/advisories/2008/2752"
    },
    {
      "source": "cret@cert.org",
      "url": "http://www.vupen.com/english/advisories/2009/0633"
    },
    {
      "source": "cret@cert.org",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45601"
    },
    {
      "source": "cret@cert.org",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5670"
    },
    {
      "source": "cret@cert.org",
      "url": "https://www.juniper.net/alerts/viewalert.jsp?actionBtn=Search\u0026txtAlertNumber=PSN-2008-09-036\u0026viewMode=view"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2008-013.txt.asc"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/32112"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/32116"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/32117"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/32133"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/32406"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://security.freebsd.org/advisories/FreeBSD-SA-08:10.nd6.asc"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://securitytracker.com/id?1020968"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://support.apple.com/kb/HT3467"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "US Government Resource"
      ],
      "url": "http://www.kb.cert.org/vuls/id/472363"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "US Government Resource"
      ],
      "url": "http://www.kb.cert.org/vuls/id/MAPG-7H2RY7"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "US Government Resource"
      ],
      "url": "http://www.kb.cert.org/vuls/id/MAPG-7H2S68"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.openbsd.org/errata42.html#015_ndp"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.openbsd.org/errata43.html#006_ndp"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/31529"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securitytracker.com/id?1021109"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securitytracker.com/id?1021132"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2008/2750"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2008/2751"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2008/2752"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2009/0633"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45601"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5670"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://www.juniper.net/alerts/viewalert.jsp?actionBtn=Search\u0026txtAlertNumber=PSN-2008-09-036\u0026viewMode=view"
    }
  ],
  "sourceIdentifier": "cret@cert.org",
  "vendorComments": [
    {
      "comment": "Not vulnerable. This issue did not affect the versions of Linux kernel as shipped with Red Hat Enterprise Linux 2.1, 3, 4, 5 or Red Hat Enterprise MRG.",
      "lastModified": "2017-09-28T21:31:11.053",
      "organization": "Red Hat"
    }
  ],
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-20"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.