A vulnerability in the way OpenBSD handles IPv6 data packets exposes systems running the traditionally secure open-source operating system to serious attack.
A memory corruption vulnerability error exists in the OpenBSD code that handles IPv6 packets, Core Security Technologies said in an alert published Tuesday. Exploiting the flaw could let an attacker commandeer a vulnerable system, according to Core, which said it discovered the issue and crafted sample exploit code.
"This vulnerability allows attackers to gain complete control of the target system bypassing all the operating system's security mechanisms," Core said in a statement Wednesday. Core deems the issue "critical." Security-monitoring company Secunia rates it "highly critical."
full story: OpenBSD hit by 'critical' IPv6 flaw | Tech News on ZDNet
A memory corruption vulnerability error exists in the OpenBSD code that handles IPv6 packets, Core Security Technologies said in an alert published Tuesday. Exploiting the flaw could let an attacker commandeer a vulnerable system, according to Core, which said it discovered the issue and crafted sample exploit code.
"This vulnerability allows attackers to gain complete control of the target system bypassing all the operating system's security mechanisms," Core said in a statement Wednesday. Core deems the issue "critical." Security-monitoring company Secunia rates it "highly critical."
full story: OpenBSD hit by 'critical' IPv6 flaw | Tech News on ZDNet
