Summary: Teredo client information leak in IPv6 addresses
Date: 31 May 2007
Affected versions: Miredo, all versions
Miredo-specific: No
Impact: None immediate
CVE ID: CVE-2006-6265 (candidate)
ID: MTFL-SA-0702
Teredo clients, when located behind a restricted NAT, allow remote attackers to establish an inbound connection without the guessing required to find a port mapping for a traditional restricted NAT client, by (1) using the client port number contained in the Teredo address or (2) following the bubble-to-open procedure.
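To see what a Teredo address discloses, the following added example (not part of the original advisory or of Miredo) decodes the address fields using the RFC 4380 layout: server IPv4 address, flags, and the client's NAT-mapped port and address stored XORed with all ones. The function names and the sample addresses are constructed for illustration.

```python
import ipaddress
from typing import NamedTuple, Optional

TEREDO_PREFIX = ipaddress.IPv6Network("2001::/32")  # Teredo service prefix

class TeredoInfo(NamedTuple):
    server: ipaddress.IPv4Address       # Teredo server used by the client
    flags: int                          # 16-bit flags field
    cone_nat: bool                      # high flag bit: client claims a cone NAT
    mapped_port: int                    # external UDP port on the NAT
    mapped_addr: ipaddress.IPv4Address  # external IPv4 address of the NAT

def decode_teredo(addr: str) -> Optional[TeredoInfo]:
    """Return the fields embedded in a Teredo address, or None if not Teredo."""
    ip = ipaddress.IPv6Address(addr)
    if ip not in TEREDO_PREFIX:
        return None
    raw = int(ip)
    flags = (raw >> 48) & 0xFFFF
    return TeredoInfo(
        server=ipaddress.IPv4Address((raw >> 64) & 0xFFFFFFFF),
        flags=flags,
        cone_nat=bool(flags & 0x8000),
        # Port and address are stored inverted (XOR with all ones).
        mapped_port=((raw >> 32) & 0xFFFF) ^ 0xFFFF,
        mapped_addr=ipaddress.IPv4Address((raw & 0xFFFFFFFF) ^ 0xFFFFFFFF),
    )

def audit(addresses):
    """Return (address, TeredoInfo) for every Teredo address in an inventory."""
    decoded = ((a, decode_teredo(a)) for a in addresses)
    return [(a, info) for a, info in decoded if info is not None]

# Constructed sample inventory; 192.0.2.45 is in a documentation range.
SAMPLE = [
    "2001:0000:4136:e378:8000:63bf:3fff:fdd2",  # cone bit set
    "2001:0:4136:e378:0:63bf:3fff:fdd2",        # cone bit clear (restricted NAT)
    "2001:db8::1",                              # not a Teredo address
]

if __name__ == "__main__":
    for address, info in audit(SAMPLE):
        kind = "cone" if info.cone_nat else "restricted"
        print(f"{address}: {kind} NAT, mapping "
              f"{info.mapped_addr}:{info.mapped_port}, server {info.server}")
```

Running it over a host inventory shows which machines publish their NAT mapping through a Teredo address and therefore need the host-based firewall recommended in this advisory.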
An attacker can reach IPv6-based network services of any Teredo client. An additional vulnerability is required for further exploitation.
It is an essential intent and design property of the Teredo protocol that Teredo clients be reachable by third parties. This vulnerability is hence considered a non-issue.
Unneeded network services should not open listening ports on a host. By default, they should be protected from the outside using a host-based firewall.
Use a host-based firewall if required.
This vulnerability is considered a non-issue, and cannot be “fixed” due to the very design of the Teredo protocol.
Jim Hoagland has published this issue in his Teredo security report. It had already been known, and was eventually documented by ISS, over two years earlier.
Some of this page content is copied from the CVE MITRE database.