|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
Re: OpenBSD ignoring RFC-compliant IPv6 neighbor solicitation?
From: Patrik Lundin (patrik.lundin.swe
gmail.com)
Date: Tue May 07 2013 - 16:02:25 CDT
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
On Tue, May 07, 2013 at 09:16:25PM +0200, Stefan Bagdohn wrote:
> Wasn't this check introduced as mitigation of CVE-2008-2476 five years ago?
> E.g. http://ftp.openbsd.org/pub/OpenBSD/patches/4.4/common/001_ndp.patch
>
Maby something along the lines of the 'nd6_onlink_ns_rfc4861' sysctl
flag mentioned at
http://www.freebsd.org/security/advisories/FreeBSD-SA-08:10.nd6.asc
could be used for the odd cases where it's needed?
Regards,
Patrik Lundin
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]