Dailydave mailing list archives
Re: SLAAC Attack - 0day Windows Network Interception Configuration Vulnerability
From: Marc Heuse <mh () baseline-security de>
Date: Tue, 05 Apr 2011 09:32:01 +0200
Am 04.04.2011 17:34, schrieb Adam Behnke:
Hi Daily Davers. InfoSec Institute security researcher Alec Waters has just released a new article on SLAAC Attacks. The basic premise is to use the default network configuration found on all Windows 7 (as well as Server 2008, Vista) installations to intercept and hijack all network traffic without any user knowledge or interaction.
sorry but that is no news and already has a long beard. the basics of this attack have been around for many years and once there is an ietf draft about it you know you have to move on (http://tools.ietf.org/html/draft-chown-v6ops-rogue-ra-02) I mentioned this attack and many others in my various IPv6 talks at CSW and CCC (e.g. http://www.youtube.com/watch?v=c7hq2q4jQYw), but even before that Sebastian Krahmer pointed out the issue that IPv6 is prefered over IPv4 if a target systems seems to be available can be exploited.
We contacted Microsoft over the weekend, but, because this is a default installation configuration vulnerability, Microsoft is not able to release a patch and states “....
I have been in touch with M$ for other IPv6 issues, its basically "yeah we know and we wont change anything" but they word it nicely so the reporter feels appreciated. Its the team responsible for the IPv6 stack that doesnt care, not MSRC. (and really they cant with this issue because its a fundamental weakness in the IPv6 protocol, and one you can't fix easily if you dont want to use static routes or dhcpv6.) (and with other issues they could but the responsible team just doesnt care. shame on them) Greets, Marc -- Marc Heuse www.mh-sec.de PGP: FEDD 5B50 C087 F8DF 5CB9 876F 7FDD E533 BF4F 891A _______________________________________________ Dailydave mailing list Dailydave () lists immunityinc com https://lists.immunityinc.com/mailman/listinfo/dailydave
Current thread:
- Re: SLAAC Attack - 0day Windows Network Interception Configuration Vulnerability Marc Heuse (Apr 05)
- Re: SLAAC Attack - 0day Windows Network Interception Configuration Vulnerability Adam Behnke (Apr 06)
- Re: SLAAC Attack - 0day Windows Network Interception Configuration Vulnerability Sebastian Krahmer (Apr 06)