CVE-2008-2476

N/A Unknown
Published: October 03, 2008 Modified: April 23, 2026
View on NVD

Description

The IPv6 Neighbor Discovery Protocol (NDP) implementation in (1) FreeBSD 6.3 through 7.1, (2) OpenBSD 4.2 and 4.3, (3) NetBSD, (4) Force10 FTOS before E7.7.1.1, (5) Juniper JUNOS, and (6) Wind River VxWorks 5.x through 6.4 does not validate the origin of Neighbor Discovery messages, which allows remote attackers to cause a denial of service (loss of connectivity) or read private network traffic via a spoofed message that modifies the Forward Information Base (FIB).

AI Explanation

Get an AI-powered plain-language explanation of this vulnerability and remediation steps.

Login to generate AI explanation

References to Advisories, Solutions, and Tools

Patch Vendor Advisory Exploit Third Party Advisory
ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2008-013.txt.asc
Source: cret@cert.org
http://secunia.com/advisories/32112
Source: cret@cert.org
Vendor Advisory
http://secunia.com/advisories/32116
Source: cret@cert.org
http://secunia.com/advisories/32117
Source: cret@cert.org
Vendor Advisory
http://secunia.com/advisories/32133
Source: cret@cert.org
http://secunia.com/advisories/32406
Source: cret@cert.org
http://security.freebsd.org/advisories/FreeBSD-SA-08:10.nd6.asc
Source: cret@cert.org
Vendor Advisory
http://securitytracker.com/id?1020968
Source: cret@cert.org
http://support.apple.com/kb/HT3467
Source: cret@cert.org
http://www.kb.cert.org/vuls/id/472363
Source: cret@cert.org
US Government Resource
http://www.kb.cert.org/vuls/id/MAPG-7H2RY7
Source: cret@cert.org
US Government Resource
http://www.kb.cert.org/vuls/id/MAPG-7H2S68
Source: cret@cert.org
US Government Resource
http://www.openbsd.org/errata42.html#015_ndp
Source: cret@cert.org
http://www.openbsd.org/errata43.html#006_ndp
Source: cret@cert.org
http://www.securityfocus.com/bid/31529
Source: cret@cert.org
http://www.securitytracker.com/id?1021109
Source: cret@cert.org
http://www.securitytracker.com/id?1021132
Source: cret@cert.org
http://www.vupen.com/english/advisories/2008/2750
Source: cret@cert.org
http://www.vupen.com/english/advisories/2008/2751
Source: cret@cert.org
http://www.vupen.com/english/advisories/2008/2752
Source: cret@cert.org
http://www.vupen.com/english/advisories/2009/0633
Source: cret@cert.org
https://exchange.xforce.ibmcloud.com/vulnerabilities/45601
Source: cret@cert.org
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5670
Source: cret@cert.org
https://www.juniper.net/alerts/viewalert.jsp?actionBtn=Search&txtAlertNumber=PSN-2008-09-036&viewMode=view
Source: cret@cert.org
ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2008-013.txt.asc
Source: af854a3a-2127-422b-91ae-364da2661108
http://secunia.com/advisories/32112
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
http://secunia.com/advisories/32116
Source: af854a3a-2127-422b-91ae-364da2661108
http://secunia.com/advisories/32117
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
http://secunia.com/advisories/32133
Source: af854a3a-2127-422b-91ae-364da2661108
http://secunia.com/advisories/32406
Source: af854a3a-2127-422b-91ae-364da2661108
http://security.freebsd.org/advisories/FreeBSD-SA-08:10.nd6.asc
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
http://securitytracker.com/id?1020968
Source: af854a3a-2127-422b-91ae-364da2661108
http://support.apple.com/kb/HT3467
Source: af854a3a-2127-422b-91ae-364da2661108
http://www.kb.cert.org/vuls/id/472363
Source: af854a3a-2127-422b-91ae-364da2661108
US Government Resource
http://www.kb.cert.org/vuls/id/MAPG-7H2RY7
Source: af854a3a-2127-422b-91ae-364da2661108
US Government Resource
http://www.kb.cert.org/vuls/id/MAPG-7H2S68
Source: af854a3a-2127-422b-91ae-364da2661108
US Government Resource
http://www.openbsd.org/errata42.html#015_ndp
Source: af854a3a-2127-422b-91ae-364da2661108
http://www.openbsd.org/errata43.html#006_ndp
Source: af854a3a-2127-422b-91ae-364da2661108
http://www.securityfocus.com/bid/31529
Source: af854a3a-2127-422b-91ae-364da2661108
http://www.securitytracker.com/id?1021109
Source: af854a3a-2127-422b-91ae-364da2661108
http://www.securitytracker.com/id?1021132
Source: af854a3a-2127-422b-91ae-364da2661108
http://www.vupen.com/english/advisories/2008/2750
Source: af854a3a-2127-422b-91ae-364da2661108
http://www.vupen.com/english/advisories/2008/2751
Source: af854a3a-2127-422b-91ae-364da2661108
http://www.vupen.com/english/advisories/2008/2752
Source: af854a3a-2127-422b-91ae-364da2661108
http://www.vupen.com/english/advisories/2009/0633
Source: af854a3a-2127-422b-91ae-364da2661108
https://exchange.xforce.ibmcloud.com/vulnerabilities/45601
Source: af854a3a-2127-422b-91ae-364da2661108
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5670
Source: af854a3a-2127-422b-91ae-364da2661108
https://www.juniper.net/alerts/viewalert.jsp?actionBtn=Search&txtAlertNumber=PSN-2008-09-036&viewMode=view
Source: af854a3a-2127-422b-91ae-364da2661108

48 reference(s) from NVD

Quick Stats

CVSS v3 Score
N/A / 10.0
EPSS (Exploit Probability)
10.5%
93th percentile
Exploitation Status
Not in CISA KEV

Weaknesses (CWE)

CWE-20

Affected Vendors

force10 juniper openbsd windriver freebsd netbsd

Related CVEs

CVE-2026-41279 N/A
CVE-2026-41278 N/A
CVE-2026-41277 N/A
CVE-2026-41276 N/A
CVE-2026-41275 N/A