1.0.4

CVSS 6.8 - MEDIUM

Attack vector

NETWORK

Attack complexity

MEDIUM

Privileges required

NONE

Confidentiality impact

PARTIAL

Integrity impact

PARTIAL

Availability impact

PARTIAL

network

miredo

NVD

Published: 2006-12-31

Updated: 2011-03-08

Summary

Miredo 0.9.8 through 1.0.5 does not properly authenticate a Teredo bubble during UDP hole punching with HMAC-MD5-64 hashing, which allows remote attackers to impersonate an arbitrary Teredo client.

Vulnerable Configurations

Part	Description	Count
Application	Miredo Miredo Miredo 0.9.8 Miredo Miredo 1.0.3 Miredo Miredo 1.0.4 Miredo Miredo *	4

References

http://secunia.com/advisories/23596
http://www.simphalempin.com/dev/miredo/mtfl-sa-0604.shtml.en
http://www.vupen.com/english/advisories/2007/0029