I've cobbled together a patch to address an IPv6 RA flood attack affecting
FreeBSD. An acquaintance I meet for coffee at the Victoria Linux Users
Group has sent the forwarded email below describing the problem and my
reply. Having Googled the problem, it was announced here:
http://www.mh-sec.de/downloads/mh-RA_flooding_CVE-2010-multiple.txt
Our nmap port offers a script to test/exploit the issue documented here:
https://nmap.org/nsedoc/scripts/ipv6-ra-flood.html
This patch addresses the issue but considering I don't know the
IPv6 router code as well as I should, this will need special attention to get it completely right.
I can forward the original email sent to me last week disclosing the problem however the URLs above are probably sufficient.
If someone else wants to take this over, that will be fine too.