Vulnerabilites related to Yamaha Corporation - RT250i
jvndb-2009-000068
Vulnerability from jvndb
Published
2009-10-26 15:58
Modified
2010-01-25 12:02
Severity ?
() - -
Summary
Implementations of IPv6 may be vulnerable to denial of service (DoS) attacks
Details
Implementations of Internet Protocol version 6 (IPv6) may be vulnerable to denial of service (DoS) attacks. Implementations of IPv6 contain an issue in the processing of packets related to the Neighbor Discovery Protocol (RFC4861), which may lead to a denial of service vulnerablility. For more information, refer to the vendor's website. Akira Kanai of INTERNET MULTIFEED CO., Shin Shirahata and Rodney Van Meter of Keio University and Tatuya Jinmei of Internet Systems Consortium, Inc. reported this vulnerability to IPA. JPCERT/CC coordinated with the developers under Information Security Early Warning Partnership. The reporters would also like to thank the following for the analysis of the vulnerability: Shinsuke Suzuki of KAME Project, Hideaki Yoshifuji and Shinta Sugimoto of USAGI Project.
References
JVN http://jvn.jp/en/jp/JVN75368899/index.html
IETF http://www.ietf.org/rfc/rfc4942.txt
IETF http://www.ietf.org/rfc/rfc3971.txt
IETF http://www.ietf.org/rfc/rfc3972.txt
IETF http://www.ietf.org/rfc/rfc4861.txt
IETF http://www.ietf.org/rfc/rfc4862.txt
IETF http://www.ietf.org/rfc/rfc3756.txt
IETF http://www.ietf.org/rfc/rfc4890.txt
Improper Input Validation(CWE-20) https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html
Impacted products
THE FURUKAWA ELECTRIC CO., LTD.FITELnet-F Series
NEC CorporationIP38X SERIES
Yamaha CorporationRT105 Series
Yamaha CorporationRT107e
Yamaha CorporationRT140 Series
Yamaha CorporationRT250i
Yamaha CorporationRT300i
Yamaha CorporationRT56v
Yamaha CorporationRT60w
Yamaha CorporationRTA54i
Yamaha CorporationRTA55i
Yamaha CorporationRTV700
Yamaha CorporationRTW65b
Yamaha CorporationRTW65i
Yamaha CorporationRTX1000
Yamaha CorporationRTX1100
Yamaha CorporationRTX1500
Yamaha CorporationRTX2000
Yamaha CorporationRTX3000
Yamaha CorporationSRT100
Yamaha CorporationRT57i
Yamaha CorporationRT58i
Show details on JVN DB website

To clipboard 

{
  "@rdf:about": "https://jvndb.jvn.jp/en/contents/2009/JVNDB-2009-000068.html",
  "dc:date": "2010-01-25T12:02+09:00",
  "dcterms:issued": "2009-10-26T15:58+09:00",
  "dcterms:modified": "2010-01-25T12:02+09:00",
  "description": "Implementations of Internet Protocol version 6 (IPv6) may be vulnerable to denial of service (DoS) attacks.\r\n\r\nImplementations of IPv6 contain an issue in the processing of packets related to the Neighbor Discovery Protocol (RFC4861), which may lead to a denial of service vulnerablility.\r\n\r\nFor more information, refer to the vendor\u0027s website.\r\n\r\nAkira Kanai of INTERNET MULTIFEED CO., Shin Shirahata and Rodney Van Meter of Keio University and Tatuya Jinmei of Internet Systems Consortium, Inc. reported this vulnerability to IPA.\r\nJPCERT/CC coordinated with the developers under Information Security Early Warning Partnership.\r\n\r\nThe reporters would also like to thank the following for the analysis of the vulnerability:\r\nShinsuke Suzuki of KAME Project, Hideaki Yoshifuji and Shinta Sugimoto of USAGI Project.",
  "link": "https://jvndb.jvn.jp/en/contents/2009/JVNDB-2009-000068.html",
  "sec:cpe": [
    {
      "#text": "cpe:/h:furukawa_electric:fitelnet-f",
      "@product": "FITELnet-F Series",
      "@vendor": "THE FURUKAWA ELECTRIC CO., LTD.",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/h:nec:ip38x",
      "@product": "IP38X SERIES",
      "@vendor": "NEC Corporation",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/h:yamaha:rt105",
      "@product": "RT105 Series",
      "@vendor": "Yamaha Corporation",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/h:yamaha:rt107e",
      "@product": "RT107e",
      "@vendor": "Yamaha Corporation",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/h:yamaha:rt140",
      "@product": "RT140 Series",
      "@vendor": "Yamaha Corporation",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/h:yamaha:rt250i",
      "@product": "RT250i",
      "@vendor": "Yamaha Corporation",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/h:yamaha:rt300i",
      "@product": "RT300i",
      "@vendor": "Yamaha Corporation",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/h:yamaha:rt56v",
      "@product": "RT56v",
      "@vendor": "Yamaha Corporation",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/h:yamaha:rt60w",
      "@product": "RT60w",
      "@vendor": "Yamaha Corporation",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/h:yamaha:rta54i",
      "@product": "RTA54i",
      "@vendor": "Yamaha Corporation",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/h:yamaha:rta55i",
      "@product": "RTA55i",
      "@vendor": "Yamaha Corporation",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/h:yamaha:rtv700",
      "@product": "RTV700",
      "@vendor": "Yamaha Corporation",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/h:yamaha:rtw65b",
      "@product": "RTW65b",
      "@vendor": "Yamaha Corporation",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/h:yamaha:rtw65i",
      "@product": "RTW65i",
      "@vendor": "Yamaha Corporation",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/h:yamaha:rtx1000",
      "@product": "RTX1000",
      "@vendor": "Yamaha Corporation",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/h:yamaha:rtx1100",
      "@product": "RTX1100",
      "@vendor": "Yamaha Corporation",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/h:yamaha:rtx1500",
      "@product": "RTX1500",
      "@vendor": "Yamaha Corporation",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/h:yamaha:rtx2000",
      "@product": "RTX2000",
      "@vendor": "Yamaha Corporation",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/h:yamaha:rtx3000",
      "@product": "RTX3000",
      "@vendor": "Yamaha Corporation",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/h:yamaha:srt100",
      "@product": "SRT100",
      "@vendor": "Yamaha Corporation",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/o:yamaha:rt57i_firmware",
      "@product": "RT57i",
      "@vendor": "Yamaha Corporation",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/o:yamaha:rt58i_firmware",
      "@product": "RT58i",
      "@vendor": "Yamaha Corporation",
      "@version": "2.2"
    }
  ],
  "sec:cvss": {
    "@score": "5.7",
    "@severity": "Medium",
    "@type": "Base",
    "@vector": "AV:A/AC:M/Au:N/C:N/I:N/A:C",
    "@version": "2.0"
  },
  "sec:identifier": "JVNDB-2009-000068",
  "sec:references": [
    {
      "#text": "http://jvn.jp/en/jp/JVN75368899/index.html",
      "@id": "JVN#75368899",
      "@source": "JVN"
    },
    {
      "#text": "http://www.ietf.org/rfc/rfc4942.txt",
      "@id": "RFC4942",
      "@source": "IETF"
    },
    {
      "#text": "http://www.ietf.org/rfc/rfc3971.txt",
      "@id": "RFC3971",
      "@source": "IETF"
    },
    {
      "#text": "http://www.ietf.org/rfc/rfc3972.txt",
      "@id": "RFC3972",
      "@source": "IETF"
    },
    {
      "#text": "http://www.ietf.org/rfc/rfc4861.txt",
      "@id": "RFC4861",
      "@source": "IETF"
    },
    {
      "#text": "http://www.ietf.org/rfc/rfc4862.txt",
      "@id": "RFC4862",
      "@source": "IETF"
    },
    {
      "#text": "http://www.ietf.org/rfc/rfc3756.txt",
      "@id": "RFC3756",
      "@source": "IETF"
    },
    {
      "#text": "http://www.ietf.org/rfc/rfc4890.txt",
      "@id": "RFC4890",
      "@source": "IETF"
    },
    {
      "#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html",
      "@id": "CWE-20",
      "@title": "Improper Input Validation(CWE-20)"
    }
  ],
  "title": "Implementations of IPv6 may be vulnerable to denial of service (DoS) attacks"
}