JVN#12683004
SEIL/X Series and SEIL/B1 IPv6 Unicast RPF vulnerability
Overview
SEIL/X Series and SEIL/B1 contains a vulnerability in which IPv6 Unicast Reverse Path Forwarding (RPF) does not properly function in strict mode.
Products Affected
- SEIL/X1 firmware 1.00 to 2.73
- SEIL/X2 firmware 1.00 to 2.73
- SEIL/B1 firmware 1.00 to 2.73
Only IPv6 Unicast RPF in strict mode is vulnerable. According to the developer, IPv6 Unicast RPF in loose mode and IPv4 Unicast RPF are not affected by this vulnerability.
Description
SEIL/X Series and SEIL/B1 are routers. SEIL/X Series and SEIL/B1 contains a vulnerability in which IPv6 Unicast Reverse Path Forwarding (RPF) does not properly function in strict mode.
Impact
Packets that should be discarded, such as when an IP address is spoofed, may be transferred without being discarded.
Solution
Update the Software
Update to the latest version according to the information provided by the developer.
Packet Filtering
Setting up a packet filter using the filter6 command will mitigate this vulnerability.
Vendor Status
| Vendor | Status | Last Update | Vendor Notes |
|---|---|---|---|
| Internet Initiative Japan Inc. | vulnerable | 2010/08/25 |
References
JPCERT/CC Addendum
Vulnerability Analysis by JPCERT/CC
Credit
Other Information
| JPCERT Alert | |
| JPCERT Reports | |
| CERT Advisory |
|
| CPNI Advisory |
|
| TRnotes |
|
| CVE |
CVE-2010-2363 |
| JVN iPedia |
JVNDB-2010-000032 |