[Japanese]

JVNDB-2010-000032

SEIL/X Series and SEIL/B1 IPv6 Unicast RPF vulnerability

Overview

SEIL/X Series and SEIL/B1 contains a vulnerability in which IPv6 Unicast Reverse Path Forwarding (RPF) does not properly function in strict mode.

SEIL/X Series and SEIL/B1 are routers. SEIL/X Series and SEIL/B1 contains a vulnerability in which IPv6 Unicast Reverse Path Forwarding (RPF) does not properly function in strict mode.

Only IPv6 Unicast RPF in strict mode is vulnerable. According to the developer, IPv6 Unicast RPF in loose mode and IPv4 Unicast RPF are not affected by this vulnerability.
CVSS Severity (What is CVSS?)

CVSS V2 Severity:
Base Metrics 4.3 (Medium) [IPA Score]
  • Access Vector: Network
  • Access Complexity: Medium
  • Authentication: None
  • Confidentiality Impact: None
  • Integrity Impact: Partial
  • Availability Impact: None
Affected Products


Internet Initiative Japan Inc.
  • SEIL/B1 firmware 1.00 to 2.73
  • SEIL/X1 firmware 1.00 to 2.73
  • SEIL/X2 firmware 1.00 to 2.73

Impact

Packets that should be discarded, such as when an IP address is spoofed, may be transferred without being discarded.
Solution

[Update the Software]
Update to the latest version according to the information provided by the developer.

[Packet Filtering]
Setting up a packet filter using the filter6 command will mitigate this vulnerability.
Vendor Information

Internet Initiative Japan Inc.
CWE (What is CWE?)

  1. No Mapping(CWE-Other) [IPA Evaluation]
CVE (What is CVE?)

  1. CVE-2010-2363
References

  1. JVN : JVN#12683004
  2. National Vulnerability Database (NVD) : CVE-2010-2363
Revision History

  • [2010/08/25]
      Web page published

Date Public2010/08/25
Date First Published2010/08/25
Date Last Updated2010/08/25