Multiple Vendor IRDP Vulnerability...

- AV AC AU C I A
发布: 1999-08-11
修订: 2018-10-17

[This discussion is verbatim from the LHI Advisory referenced in the "Reference Section" of this vulnerability entry with very few changes] The ICMP Router Discovery Protocol (IRDP) comes enabled by default on DHCP clients that are running Microsoft Windows95 (w/winsock2), Windows95b, Windows98, Windows98se, and Windows2000 machines. By spoofing IRDP Router Advertisements, an attacker can remotely add default route entries on a remote system. The default route entry added by the attacker will be preferred over the default route obtained from the DHCP server. This results in higher susceptibility to denial of service, passive snooping and man in the middle attacks. While Windows 2000 does indeed have IRDP enabled by default, it is less vulnerable as it is impossible to give it a route that is preferred over the default route obtained via DHCP. SunOS systems will also intentionally use IRDP under specific conditions. For Solaris2.6, the IRDP daemon, in.rdisc, will be started if the ...

0%
当前有1条漏洞利用/PoC
产品及版本信息(CPE)暂不可用