Exploits and Advisories

This is not meant to be an all inclusive list of every security issue published involving IPv6 but just ones that received a higher amount of press than others.

2007

  • OpenBSD Buffer overflow exploit (March 2007).

2005

  • Linux IPv6 kernel DoS (October 2005).
  • Cisco’s issue of “IPv6 Crafted Packet Vulnerability” (July 2005)
  • Cisco’s issue of “Multiple Crafted IPv6 Packets Cause Reload” (January 2005).
  • A flaw in the IPv6 patch for postfix found by RedHat could allow unauthorised relaying of email (March 2005).
  • Microsoft IPv6 implementation was found to be vulnerable (MS05-019) to a LAND attack (April 2005).

2004

  • Georgi Guninski found a remote crash in OpenBSD by sending a packet with a small MTU and then doing a TCP connect (February 2004).
  • UNIRAS found an issue in the way the Apache 2 apr-util parses IPv6 addresses (September 2004).