Apple Shuts Down IPv6 Security Hole

Apple has slammed the door shut on denial-of-service attacks and a security bypass that Type 0 routing headers in IPv6 let in. The company on June 20 put out an update, Mac OS X 10.4.10, that addresses the problem by disabling support for the headers. This vulnerability has been left wide open in IPv6 even though it was well-known and shut down in IPv4; by default, all routing engines now turn it off.

This particular type of packet header can be used to crazily bounce network packets back and forth between hops on their route, clogging up bandwidth and potentially causing a DoS. Back in April, two researchers, EADS Corporate Research Center research engineers Philippe Biondi and Arnaud Ebalard, showed that when you can specify where your nodes route packets, you can create a loop—for example, from hop A to hop B to hop A to hop B—that exponentially jacks up Internet traffic, thus causing a DDoS (distributed DoS).

View: The full story
News source: eWeek

Report a problem with article
Previous Story

Nvidia to launch MCP 78 chipset in October

Next Story

Symantec outgrows underground nuclear bunker

7 Comments

Commenting is disabled on this article.

Umm if this is the update that was released today on software update why did my mac reboot like 2 times and took ages to boot the second time, did it on the last update to is something wrong?

It is perfectly normal for that to happen after an update. Same thing happened to me after updating to 10.4.9 and 10.4.10

I'm sure using terminology such as 'slammed the door shut' makes everyone with a macintosh feel safer.

The company ... put out an update ... that addresses the problem by disabling support for the headers.

Great idea. Why don`t I fix bugs like that