Tahi users and developers,
As well-known,when the type of IPv6 routing header is set to IPV6_RTHDR_YPE_0,
it would allow remote attackers to cause a denial of service via
crafted IPv6 type 0 route headers that create network
amplification between two routers.
In the current time,the solution which is adopted by many products
wil cause IPv6 type 0 routing headers to be ignored. But the test scripts
from www.tahi.org dont ignored IPv6 type 0 headers.
So when we are having a IPv6ready Certification,some tests about
IPv6 type 0 routing header will fail if Self_Test from www.tahi.org
isn't modified.
how should we process this case when we are ready to have a IPv6ready
Certification?
please refer to
(1) http://security.freebsd.org/advisories/FreeBSD-SA-07:03.ipv6.asc
(2) http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2242
(3) http://www.secdev.org/conf/IPv6_RH_security-csw07.pdf
Regards,
Zhiyong Wu