CVE-2008-4404

IBM zSeries - Denial of Service via IPv6 Neighbor Discovery Spoofing

Title source: llm
STIX 2.1

Description

The IPv6 Neighbor Discovery Protocol (NDP) implementation on IBM zSeries servers does not validate the origin of Neighbor Discovery messages, which allows remote attackers to cause a denial of service (loss of connectivity) or read private network traffic via a spoofed message that modifies the Forward Information Base (FIB), a related issue to CVE-2008-2476.

References (2)

Core 2
Core References
US Government Resource x_refsource_misc
http://www.kb.cert.org/vuls/id/MAPG-7H2RZ8
US Government Resource third-party-advisory x_refsource_cert-vn
http://www.kb.cert.org/vuls/id/472363

Scores

EPSS 0.0417
EPSS Percentile 89.7%

Details

CWE
CWE-20
Status published
Products (1)
ibm/zseries
Published Oct 03, 2008
Tracked Since Feb 18, 2026