Teredo IPv6 Transition Technology Vulnerability in Microsoft Products
CVE-2006-6264

Currently unrated

Key Information:

Vendor
Microsoft
Status
Teredo
Vendor
CVE Published:
4 December 2006

Summary

The vulnerability in Teredo allows the creation of trusted peer entries for arbitrary incoming source Teredo addresses. Even when the low 32 bits represent intranet addresses, this can enable remote attackers to route IPv4 traffic to intranet hosts that employ non-RFC1918 addresses. This situation poses a risk because it circumvents established IPv4 ingress filtering mechanisms, potentially exposing internal systems to undesired external access.

References

http://www.symantec.com/avcenter/reference/Teredo_Securit...
x_refsource_MISC
http://www.securityfocus.com/archive/1/452996/100/0/threaded
mailing-listx_refsource_BUGTRAQ
http://www.securityfocus.com/archive/1/452989/100/0/threaded
mailing-listx_refsource_BUGTRAQ

EPSS Score

12% chance of being exploited in the next 30 days.

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.
CVE-2006-6264 : Teredo IPv6 Transition Technology Vulnerability in Microsoft Products | SecurityVulnerability.io