Vulnerability in Cisco products - exploitation can lead to the transmission of all ipv6 traffic
Cisco has published a report on the found vulnerability in the implementation of the ipv6 Neighbor Discovery protocol (ND). An attacker using a specially crafted packet can stop transmitting all ipv6 traffic on the device under attack.
Report.
')
All products with IOS, NX-OS, IOS-XE, IOS-XR are vulnerable. Currently there are no patches or workarounds. The only protection is the complete filtering of ND packets on potentially vulnerable interfaces, either using an ACL or an external firewall.
Fun!
Report.
')
All products with IOS, NX-OS, IOS-XE, IOS-XR are vulnerable. Currently there are no patches or workarounds. The only protection is the complete filtering of ND packets on potentially vulnerable interfaces, either using an ACL or an external firewall.
Fun!
Source: https://habr.com/ru/post/302476/
All Articles