[ISN] OpenBSD hit by 'critical' IPv6 flaw

From: InfoSec News (alerts@private)
Date: Thu Mar 15 2007 - 22:20:50 PST


http://news.com.com/OpenBSD+hit+by+critical+IPv6+flaw/2100-1002_3-6167193.html

By Joris Evers
Staff Writer, CNET News.com
March 14, 2007

A vulnerability in the way OpenBSD handles IPv6 data packets exposes 
systems running the traditionally secure open-source operating system to 
serious attack.

A memory corruption vulnerability error exists in the OpenBSD code that 
handles IPv6 packets, Core Security Technologies said in an alert 
published Tuesday. Exploiting the flaw could let an attacker commandeer 
a vulnerable system, according to Core, which said it discovered the 
issue and crafted sample exploit code.

"This vulnerability allows attackers to gain complete control of the 
target system, bypassing all the operating system's security 
mechanisms," Core said in a statement Wednesday. Core deems the issue 
"critical." Security-monitoring company Secunia rates it "highly 
critical."

OpenBSD is one of several operating systems based on the Berkeley 
Software Distribution, or BSD. The most popular BSD descendents are 
FreeBSD, PCBSD and NetBSD, with OpenBSD coming in fourth, according to 
the BSDstats project.

OpenBSD is mostly known for its security enhancements and is used for 
firewalls, intrusion detection systems and other applications. Google is 
among OpenBSD users and backers. The OpenBSD team likes to tout that 
only a few remotely exploitable vulnerabilities have been found in the 
code in a decade.

A security update was issued last week to deal with the OpenBSD issue, 
which affects multiple releases of the operating system.

Default installations of OpenBSD are vulnerable as IPv6 is enabled and 
the system does not filter inbound packets, Core said. IPv6 is the next 
version of the Internet Protocol designed to support a broader range of 
IP addresses as the IP version 4 addresses currently in use become more 
scarce.

To exploit the vulnerability, an attacker must have the ability to send 
malicious IPv6 packets to the target system or be on the same network, 
Symantec said in an alert. The Cupertino, Calif., security company 
raised its ThreatCon to level 2 because of the issue, which means 
attacks are expected.

As a work-around for users who can not apply the OpenBSD patch or who do 
not need to process or route IPv6 traffic on their systems, all inbound 
IPv6 packets can be blocked by using Openness' firewall.


_________________________________________
Visit the InfoSec News Security Bookstore
http://www.shopinfosecnews.org



This archive was generated by hypermail 2.1.3 : Thu Mar 15 2007 - 22:33:35 PST