[GTER] Vulnerabilidade afeta IPv6
Marcello de Lima Azambuja
azambuja at del.ufrj.br
Mon Jul 5 13:44:34 -03 2004
A falha nada tem a ver com a estrutura do protocolo IPv6, mas sim
um erro de programação no software da Juniper:
'The vulnerability is caused by what is called a "memory leak," which
an attacker could exploit to cause a denial-of-service attack. These
memory leaks occur when IPv6 packets are sent in such an order that
they take up more memory than usual. As the memory is filled up,
the router runs slower. And eventually when the memory is
exhausted, the router crashes and reboots itself, potentially
causing major service outages or significantly slowed network
performance.'
Como o próprio artigo diz, é um memory leak, uma falha de design do
software que aloca memória dinamicamente e não libera quando deveria.
A única relação é que a parte do código afetada fazia parte da pilha
IPv6. Não foi o primeiro bug desse tipo, nem será o último, nem no
IPv6 nem para qualquer outra implementação de protocolo.
[]s
On Mon, Jul 05, 2004 at 01:34:43PM -0300, Omar Kaminski wrote:
> http://news.com.com/Growing%20pains%20for%20next%20Net/2100-1033_3-5256010.html
>
> Growing pains for next Net
> Last modified: July 2, 2004, 12:03 PM PDT
>
> A vulnerability discovered in some of Juniper Networks' routing software
> highlights that the next-generation Internet, known as Internet Protocol
> version 6, still has a ways to go before it will be ready for widespread
> adoption. (...)
>
> Experts say that the vulnerability will not have much of an impact on the
> Internet, because only a small number of networks throughout the world use
> IPv6. (...)
>
> []s
--
Marcello de Lima Azambuja http://www.del.ufrj.br/~azambuja
PGP A5B5649F FEC9 32F3 6CF4 FC57 75D9 06CF B959 F95E A5B5 649F
More information about the gter
mailing list