This was apparently posted first to BugTraq, and was included in this AMs
SANS.org/Network Computing "Security Alert Consensus". Apologies in advance
for the cross-post, but wasn't sure of the numbers of IPv6ers on BugTraq,
part of SANS, etc.
*** {01.26.040} Cross - IPv6 mishandling of embedded IPv4 addresses concern
An interesting post was made about potential malicious situations that
could arise from improperly implemented IPv6 stacks. The problems range
from network-based packet games (denial of service floods, etc.), to
various ways to bypass IPv4 access control restrictions.
Anyone interested in the issue are encouraged to look at the test script
included with the post.
Source: SecurityFocus Bugtraq
http://archives.neohapsis.com/archives/bugtraq/2001-06/0321.html
Copyright (c) 2001 Network Computing, a CMP Media LLC publication. All
Rights Reserved.
Joseph J. Januszewski, III
National Institutes of Health
Center for Information Technology
Bethesda, Maryland
[EMAIL PROTECTED]
--------------------------------------------------------------------
IETF IPng Working Group Mailing List
IPng Home Page: http://playground.sun.com/ipng
FTP archive: ftp://playground.sun.com/pub/ipng
Direct all administrative requests to [EMAIL PROTECTED]
--------------------------------------------------------------------
