Miredo: Teredo IPv6 tunneling for Linux and BSD

Securing Miredo

You should refer to the README file, which has some information on how to secure your Miredo installation, depending on the version of the program.

Unprivileged execution

To mitigate risks in case a security breach were to be found, Miredo normally drops all privileges before handling any data from the network. Note however that Miredo still has to be started by root.

Miredo uses the common nobody unprivileged user in the default configuration. Most third-party distributions change this to a separate user with no shell for extra security. If you compile Miredo yourself, you should do likewise.
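
The account properties described above can be checked mechanically. The following is an added example, not part of Miredo or its documentation: it audits a passwd(5)-format entry for the account a daemon drops privileges to. The account name miredo and the sample entries are assumptions constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the Miredo project): audit a passwd(5) entry for the
# account a daemon drops privileges to. Account names below are assumptions.

# audit_account PASSWD_LINE
# Prints one finding per line and returns 1 if any check fails, else 0.
audit_account() {
    findings=0
    # Split the seven colon-separated passwd fields; read keeps empty fields
    # and does not glob a "*" password field.
    IFS=: read -r user _pw uid _gid _gecos _home shell <<EOF
$1
EOF
    if [ "$uid" = 0 ]; then
        echo "$user: UID 0, dropping privileges to this account drops nothing"
        findings=1
    fi
    if [ "$user" = nobody ]; then
        # Processes sharing one UID can signal and trace each other.
        echo "$user: shared account, use a dedicated one"
        findings=1
    fi
    case $shell in
        */nologin|*/false) ;;
        *)  # an empty field means the system default shell
            echo "$user: login shell '${shell:-default}' is set"
            findings=1 ;;
    esac
    return "$findings"
}

# Constructed sample entries, not taken from a real system.
GOOD='miredo:x:998:998::/var/empty:/usr/sbin/nologin'
SHARED='nobody:*:65534:65534:nobody:/nonexistent:/usr/sbin/nologin'
SHELL_SET='miredo:x:998:998::/var/empty:/bin/sh'

for entry in "$GOOD" "$SHARED" "$SHELL_SET"; do
    if audit_account "$entry"; then
        echo "${entry%%:*}: ok"
    fi
done
```

On a live system the entry can be supplied with getent passwd followed by the account name.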

Privilege separation

When run as a Teredo client, Miredo still needs network administration privileges while running. This is implemented with a separate privileged process, which is in charge of updating the tunnel network device parameters.

In case of remote compromise of the program, the attacker should, unfortunately, be able to disrupt IPv6 connectivity.

Security advisories

Here is the list of official security advisories for Miredo in reverse chronological order. High priority is assigned to items that pose an immediate threat. Low priority is assigned to items that are difficult to exploit, or have a minor potential impact. Null priority refers to security advisories that are present only for reference to external vulnerability reports that are not considered to be problematic.

mtfl-sa-0703: null priority
Teredo client packet sent to arbitrary addresses
mtfl-sa-0702: null priority
Teredo client information leak in IPv6 addresses
mtfl-sa-0701: high priority
Design error in IPv6 Routing Header type 0
mtfl-sa-0604: high priority
Teredo relay and client input validation error
in Miredo 1.0.5 down to 0.9.8
mtfl-sa-0603: high priority
Teredo server packet forwarding infinite loop
in Miredo 0.9.6 down to 0.1.0
mtfl-sa-0602: low priority
Teredo client failure to handle error
in Miredo 0.8.4 down to 0.7.0
mtfl-sa-0601: high priority
Teredo client input validation error
in Miredo 0.8.0 down to 0.7.2
mtfl-sa-0501: low priority
Teredo client infinite loop
in Miredo 0.4.2 down to 0.2.0
mtfl-sa-0401: high priority
Teredo server invalid pointer dereference
in Miredo 0.2.0