Title: 6Tunnel Connection Close State Denial of Service Vulnerability
Severity: HIGH
Description:
6tunnel is a freely available, open source software package designed to provide IPv6 functionality to hosts that do not comply with the standard. It works by creating IPv6 tunnels.
A problem in the software package makes it possible for a user to deny service to legitimate users of the service. The problem is the in the management of sockets by the program.
When a connection is closed by a client, the socket previously used by the connected client enters the CLOSE state, and does not time out, thus never returning to the socket pool. After a large (number unknown) amount of sockets enter the CLOSE state, 6tunnel becomes unstable and crashes.
This problem can allow a remote attacker to attempt numerous connect/disconnects to the 6tunnel server, creating a pool of sockets in the CLOSE state. Upon reaching a large enough number, the services crashes, resulting in a denial of service.
Affected Products:
- Wojtek Kaniewski 6tunnel 0.6.0
- Wojtek Kaniewski 6tunnel 0.7.0
- Wojtek Kaniewski 6tunnel 0.8.0
Juniper Networks provides this content via a wide variety of sources and production methods. If notified of errors or omissions in the content of this page, Juniper Networks, at its discretion, will modify or remove the page or leave the content as is, depending on various factors including but not limited to the reputation and authority of the party providing the notification. Please use the contact information displayed elsewhere on this page to report any errors or omissions regarding the content on this page.
