CVE-2009-0418

Name of the Vulnerable Software and Affected Versions HP-UX versions B.11.11 through B.11.31

Description The issue concerns the IPv6 Neighbor Discovery Protocol (NDP) implementation, which fails to validate the origin of Neighbor Discovery messages. This allows remote attackers to cause a denial of service, read private network traffic, and possibly execute arbitrary code via a spoofed message that modifies the Forward Information Base (FIB).

Recommendations For HP-UX versions B.11.11 through B.11.31, consider restricting access to the network to minimize the risk of exploitation until a patch is available. As a temporary workaround, restrict the use of the IPv6 Neighbor Discovery Protocol (NDP) implementation to prevent spoofed messages from modifying the Forward Information Base (FIB).