You may have noticed that a remote exploit has been found in the venerated OpenBSD. Since this is only the second remote code execution condition found in 10 years, it warrants some attention, certainly. It had to hurt a little to increment that counter from "one" to "two" on the openbsd.org page.
What's interesting about this vulnerability, however, is that it's specific to IPv6. The Department of Defense has put some significant momentum behind IPv6 adoption, and this OpenBSD vulnerability got me thinking about how many untested implementations of IPv6 are out there. I imagine that as IPv6 gets rolled out, security researchers will find it an interesting avenue for exploit. Depending on how adoption occurs, we're likely to see a rash of IPv6 based exploits.
Don't get me wrong, it's not that there aren't IPv6 vulnerabilities out there, but ultimately, the attackers go where the target space is richest, and that isn't IPv6 today.
Comments (2)
It will be interesting to see if FreeBSD is vulnerable as well.
Posted by Storms | March 15, 2007 8:39 AM
Posted on March 15, 2007 08:39
I just wanted to add a quick comment on the OpenBSD vulnerability counter being increased from 1 to 2. This may not be entirely accurate... after all they attempted to get away with calling this vulnerability a reliability fix. I'm hoping we'll see people review the rest of their "reliability fixes" in the near future... perhaps there are plenty of OpenBSD Vulns and they just don't announce them as vulns.
Posted by Tyler Reguly | March 15, 2007 9:48 AM
Posted on March 15, 2007 09:48