Vulnerability Note VU#267289
IPv6 Type 0 Route Headers allow sender to control routing
IPv6 Type 0 Route Headers allow the sender to control packet routing. This vulnerability may allow an attacker to cause a denial-of-service condition.
Routing header options provided by IPv6 allow packet senders to indicate specific nodes through which the packet should travel. Note that a node is defined as any device that implements IPv6, which includes hosts as well as routing devices. According to FreeBSD-SA-07:03.ipv6:
An attacker can "amplify" a denial of service attack against a link between two vulnerable hosts; that is, by sending a small volume of traffic the attacker can consume a much larger amount of bandwidth between the two vulnerable hosts.
This condition can facilitate a number of different impacts including packet amplification, bypassing filtering devices, denial of service, and defeating IPv6 Anycast.
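A defender-side check for the header described above, as an added example that is not part of the original note or of any vendor's code: it walks the IPv6 extension header chain of a raw packet and reports a Routing header (Next Header 43) whose Routing Type is 0, together with the intermediate nodes it lists. The function names `find_rh0` and `sample_packet` and the sample bytes are constructed for illustration; only Hop-by-Hop, Routing, Destination Options and Fragment headers are walked.

```python
import ipaddress
import struct

ROUTING, FRAGMENT = 43, 44      # IPv6 Next Header values
TLV_STYLE = {0, ROUTING, 60}    # Hop-by-Hop, Routing, Destination Options


def find_rh0(packet: bytes):
    """Return details of the first Type 0 Routing header in a raw IPv6
    packet, or None if the extension header chain carries none."""
    if len(packet) < 40 or packet[0] >> 4 != 6:
        raise ValueError("not an IPv6 packet")
    next_header, offset = packet[6], 40
    while next_header in TLV_STYLE or next_header == FRAGMENT:
        if offset + 8 > len(packet):
            raise ValueError("truncated extension header")
        following = packet[offset]
        if next_header == FRAGMENT:
            length = 8  # Fragment header has a fixed size
            if struct.unpack_from("!H", packet, offset + 2)[0] >> 3:
                return None  # non-first fragment: no further headers here
        else:
            length = (packet[offset + 1] + 1) * 8  # Hdr Ext Len, 8-octet units
        if offset + length > len(packet):
            raise ValueError("truncated extension header")
        if next_header == ROUTING and packet[offset + 2] == 0:
            body = packet[offset + 8:offset + length]  # skip 4 fixed + 4 reserved
            hops = [str(ipaddress.IPv6Address(body[i:i + 16]))
                    for i in range(0, len(body) - 15, 16)]
            return {"segments_left": packet[offset + 3], "hops": hops}
        next_header, offset = following, offset + length
    return None


def sample_packet(routing_type: int) -> bytes:
    """Constructed sample: IPv6 header plus a Routing header naming two
    intermediate nodes from the 2001:db8::/32 documentation prefix."""
    pack = lambda a: ipaddress.IPv6Address(a).packed
    # Next Header 59 (No Next Header), Hdr Ext Len 4 (two 16-octet addresses),
    # routing type, Segments Left 2, then 4 reserved octets.
    rh = bytes([59, 4, routing_type, 2]) + bytes(4) \
        + pack("2001:db8::a") + pack("2001:db8::b")
    fixed = struct.pack("!IHBB", 6 << 28, len(rh), ROUTING, 64)
    return fixed + pack("2001:db8::1") + pack("2001:db8::2") + rh


if __name__ == "__main__":
    print(find_rh0(sample_packet(0)))
```

A non-zero `segments_left` means the packet still has listed nodes to visit, which is the sender-controlled routing this note describes.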
Systems Affected
|Vendor|Status|Date Notified|Date Updated|
|---|---|---|---|
|Apple Computer, Inc.|Affected|09 May 2007|21 Jun 2007|
|Cisco Systems, Inc.|Affected|09 May 2007|15 May 2007|
|FreeBSD, Inc.|Affected|-|14 May 2007|
|Fujitsu|Affected|09 May 2007|15 Jun 2007|
|Hitachi|Affected|09 May 2007|14 May 2007|
|Internet Initiative Japan|Affected|-|14 May 2007|
|NEC Corporation|Affected|09 May 2007|15 Jun 2007|
|OpenBSD|Affected|-|14 May 2007|
|Red Hat, Inc.|Affected|-|17 May 2007|
|rPath|Affected|-|21 Jun 2007|
|Secure Computing Network Security Division|Affected|09 May 2007|15 Jun 2007|
|Sun Microsystems, Inc.|Affected|09 May 2007|17 May 2007|
|Force10 Networks, Inc.|Not Affected|09 May 2007|22 Jul 2011|
|Novell, Inc.|Not Affected|09 May 2007|17 May 2007|
|3com, Inc.|Unknown|09 May 2007|09 May 2007|
This vulnerability was reported by Philippe Biondi and Arnaud Ebalard of EADS Innovation Works — IW/SE/CS, IT Sec lab, Suresnes, France at CanSecWest 2007.
This document was written by Chris Taschner.
- CVE IDs: CVE-2007-2242
- Date Public: 24 Apr 2007
- Date First Published: 13 Jun 2007
- Date Last Updated: 22 Jul 2011
- Severity Metric: 11.03
- Document Revision: 38