Vigil@nce - Windows: IPv6 address spoofing via ISATAP
April 2010 by Vigil@nce
This bulletin was written by Vigil@nce : http://vigilance.fr/
SYNTHESIS OF THE VULNERABILITY
When ISATAP is enabled, an attacker can spoof an IPv6 source address, in order to bypass for example filtering rules.
Severity: 2/4
Creation date: 14/04/2010
DESCRIPTION OF THE VULNERABILITY
The ISATAP (Intra-Site Automatic Tunnel Addressing Protocol)
protocol is used to encapsulate IPv6 packets in an IPv4 tunnel.
Windows does not check if the encapsulated source IPv6 address
matches the source IPv4 address.
When ISATAP is enabled, an attacker can therefore spoof an IPv6
source address, in order to bypass for example filtering rules.
ACCESS TO THE COMPLETE VIGIL@NCE BULLETIN
http://vigilance.fr/vulnerability/Windows-IPv6-address-spoofing-via-ISATAP-9581