Sign In
- Platform
- Solutions
- Modern NDR
- Resources
- Company
Platform
Modern NDR
Resources
Platform
Modern NDR
Resources
DETECTION OVERVIEW
Risk Factors
An attacker must have local network access to a vulnerable device. An attacker can employ publicly available exploit code to launch an attack. A successful exploit can lead to a denial of service (DoS) scenario or enable an attacker to gain control of a device.
Kill Chain
Risk Score
88
The Neighbor Discovery Protocol (NDP) facilitates host-router discovery and DNS configuration for IPv6 addresses. ICMPv6 message types defined by NDP help to identify relationships between devices in an IPv6 network. One of these message types is a Router Advertisement (message type 134), which includes a Recursive DNS Server (RDNSS) option for including DNS server information. The router solicitation daemon (rtsold) in FreeBSD has a vulnerability in how it processes incoming ICMPv6 Router Advertisement messages. An attacker creates a malicious message with a manipulated RDNSS option field. If the RDNSS option is zero, rtsold continues to process the message in an infinite loop, causing a denial of service (DoS). If the RDNSS option length is too large, rtsold performs an out-of-bounds read, which could lead to remote command execution (RCE).
Install relevant patches for affected devices
