Thank you for being a valued part of the CNET community. As of December 1, 2020, the forums are in read-only format. In early 2021, CNET Forums will no longer be available. We are grateful for the participation and advice you have provided to one another over the years.

Thanks,

CNET Support

General discussion

IPv6 vulnerable to remote denial-of-service attacks

Feb 6, 2004 2:44PM PST

Independent security researcher Georgi Guninski has discovered a security vulnerability in the OpenBSD implementation (OpenBSD 3.4) of Internet Protocol version 6 (IPv6) that could allow an attacker to cause a denial of service. Machines are vulnerable when they are configured to receive ICMPv6 (Internet Control Message Protocol) and are listening on a TCP port. ?A remote attacker can take advantage of this by setting a small IPv6 MTU (Maximum Transmission Unit) and then connecting to an open TCP port.? Upgrades are available to resolve the problem. IPv6, the successor to IPv4, is already being implemented by some organizations and promises significant security benefits, particularly in the area of authentication.

http://searchsecurity.techtarget.com/originalContent/0,289142,sid14_gci949128,00.html

Discussion is locked