CVE-2008-2476
Force10 FTOS - Denial of Service via IPv6 Neighbor Discovery Protocol Spoofing
Title source: llmDescription
The IPv6 Neighbor Discovery Protocol (NDP) implementation in (1) FreeBSD 6.3 through 7.1, (2) OpenBSD 4.2 and 4.3, (3) NetBSD, (4) Force10 FTOS before E7.7.1.1, (5) Juniper JUNOS, and (6) Wind River VxWorks 5.x through 6.4 does not validate the origin of Neighbor Discovery messages, which allows remote attackers to cause a denial of service (loss of connectivity) or read private network traffic via a spoofed message that modifies the Forward Information Base (FIB).
References (24)
Core 24
Core References
Third Party Advisory, VDB Entry vdb-entry
x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/45601
Vendor Advisory x_refsource_confirm
http://support.apple.com/kb/HT3467
Various Sources vendor-advisory
x_refsource_openbsd
http://www.openbsd.org/errata42.html#015_ndp
Third Party Advisory, VDB Entry vdb-entry
x_refsource_sectrack
http://securitytracker.com/id?1020968
Third Party Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/32406
Third Party Advisory vdb-entry
x_refsource_vupen
http://www.vupen.com/english/advisories/2008/2751
Third Party Advisory, VDB Entry vdb-entry
x_refsource_sectrack
http://www.securitytracker.com/id?1021109
Third Party Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/32133
US Government Resource third-party-advisory
x_refsource_cert-vn
http://www.kb.cert.org/vuls/id/472363
US Government Resource x_refsource_confirm
http://www.kb.cert.org/vuls/id/MAPG-7H2RY7
Third Party Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/32116
Third Party Advisory, VDB Entry vdb-entry
x_refsource_sectrack
http://www.securitytracker.com/id?1021132
Various Sources x_refsource_misc
https://www.juniper.net/alerts/viewalert.jsp?actionBtn=Search&txtAlertNumber=PSN-2008-09-036&viewMode=view
Third Party Advisory vdb-entry
x_refsource_vupen
http://www.vupen.com/english/advisories/2008/2750
Third Party Advisory vdb-entry
x_refsource_vupen
http://www.vupen.com/english/advisories/2008/2752
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/31529
US Government Resource x_refsource_confirm
http://www.kb.cert.org/vuls/id/MAPG-7H2S68
Vendor Advisory vendor-advisory
x_refsource_freebsd
http://security.freebsd.org/advisories/FreeBSD-SA-08:10.nd6.asc
Various Sources vendor-advisory
x_refsource_openbsd
http://www.openbsd.org/errata43.html#006_ndp
Vendor Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/32112
Vendor Advisory vendor-advisory
x_refsource_netbsd
ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2008-013.txt.asc
Third Party Advisory, VDB Entry vdb-entry
signature
x_refsource_oval
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5670
Vendor Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/32117
Third Party Advisory vdb-entry
x_refsource_vupen
http://www.vupen.com/english/advisories/2009/0633
Scores
EPSS
0.1050
EPSS Percentile
93.4%
Details
CWE
CWE-20
Status
published
Products (10)
force10/ftos
freebsd/freebsd
6.3
freebsd/freebsd
7.1
juniper/jnos
netbsd/netbsd
openbsd/openbsd
4.2
openbsd/openbsd
4.3
windriver/vxworks
5
windriver/vxworks
5.5
windriver/vxworks
< 6.4
Published
Oct 03, 2008
Tracked Since
Feb 18, 2026