Vulnerability Description The OpenBSD kernel contains a memory corruption vulnerability in the code that handles IPv6 packets. Exploitation of this vulnerability can result in:
1) Remote execution of arbitrary code at the kernel level on the vulnerable systems (complete system compromise), or;
2) Remote denial of service attacks against vulnerable systems (system crash due to a kernel panic)
The issue can be triggered by sending a specially crafted IPv6 fragmented packet.
OpenBSD systems using default installations are vulnerable because the default pre-compiled kernel binary (GENERIC) has IPv6 enabled and OpenBSD's firewall does not filter inbound IPv6 packets in its default configuration.
However, in order to exploit a vulnerable system an attacker needs to be able to inject fragmented IPv6 packets on the target system's local network. This requires direct physical/logical access to the target's local network -in which case the attacking system does not need to have a working IPv6 stack- or the ability to route or tunnel IPv6 packets to the target from a remote network.
Doesn't NASA use OpenBSD? Good that they are fast on the fix. I would hate to c the space station come down due to some kids work
Hopefully anyone at NASA (or anywhere else, really) who was in charge of OpenBSD systems such as this would disable/block the IPv6 network layer as the US won't be using that until it's dragged kicking and screaming into it.
....hopefully being the operative word
as the US won't be using that until it's dragged kicking and screaming into it.
I like the way you say that At least get them to adopt metric let alone IPv6