Published:2010/08/25  Last Updated:2010/08/25

JVN#12683004
SEIL/X Series and SEIL/B1 IPv6 Unicast RPF vulnerability

Overview

SEIL/X Series and SEIL/B1 contains a vulnerability in which  IPv6 Unicast Reverse Path Forwarding (RPF) does not properly function in strict mode.

Products Affected

  • SEIL/X1 firmware 1.00 to 2.73
  • SEIL/X2 firmware 1.00 to 2.73
  • SEIL/B1 firmware 1.00 to 2.73

Only IPv6 Unicast RPF in strict mode is vulnerable. According to the developer, IPv6 Unicast RPF in loose mode and IPv4 Unicast RPF are not affected by this vulnerability.

Description

SEIL/X Series and SEIL/B1 are routers. SEIL/X Series and SEIL/B1 contains a vulnerability in which  IPv6 Unicast Reverse Path Forwarding (RPF) does not properly function in strict mode.

Impact

Packets that should be discarded, such as when an IP address is spoofed, may be transferred without being discarded.

Solution

Update the Software
Update to the latest version according to the information provided by the developer.

Packet Filtering
Setting up a packet filter using the filter6 command will mitigate this vulnerability.

Vendor Status

Vendor Status Last Update Vendor Notes
Internet Initiative Japan Inc. vulnerable 2010/08/25

References

JPCERT/CC Addendum

Vulnerability Analysis by JPCERT/CC

Credit

Other Information

JPCERT Alert
JPCERT Reports
CERT Advisory
CPNI Advisory
TRnotes
CVE CVE-2010-2363
JVN iPedia JVNDB-2010-000032