| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Wed, 27 Aug 2014 01:19:11 -0300
From: Fernando Gont <fgont@...networks.com>
To: "bugtraq@...urityfocus.com" <bugtraq@...urityfocus.com>,
fulldisclosure@...lists.org
Subject: [FD] Fwd: RFC 7359 on Layer 3 Virtual Private Network (VPN) Tunnel
Traffic Leakages in Dual-Stack Hosts/Networks
Folks,
FYI: <https://www.rfc-editor.org/rfc/rfc7359.txt>
Best regards,
Fernando Gont
-------- Forwarded Message --------
Subject: RFC 7359 on Layer 3 Virtual Private Network (VPN) Tunnel
Traffic Leakages in Dual-Stack Hosts/Networks
Date: Tue, 26 Aug 2014 18:23:00 -0700 (PDT)
From: rfc-editor@...-editor.org
Reply-To: ietf@...f.org
To: ietf-announce@...f.org, rfc-dist@...-editor.org
CC: drafts-update-ref@...a.org, rfc-editor@...-editor.org
A new Request for Comments is now available in online RFC libraries.
RFC 7359
Title: Layer 3 Virtual Private Network
(VPN) Tunnel Traffic Leakages in Dual-Stack
Hosts/Networks
Author: F. Gont
Status: Informational
Stream: IETF
Date: August 2014
Mailbox: fgont@...networks.com
Pages: 12
Characters: 26506
Updates/Obsoletes/SeeAlso: None
I-D Tag: draft-ietf-opsec-vpn-leakages-06.txt
URL: https://www.rfc-editor.org/rfc/rfc7359.txt
The subtle way in which the IPv6 and IPv4 protocols coexist in
typical networks, together with the lack of proper IPv6 support in
popular Virtual Private Network (VPN) tunnel products, may
inadvertently result in VPN tunnel traffic leakages. That is,
traffic meant to be transferred over an encrypted and integrity-
protected VPN tunnel may leak out of such a tunnel and be sent in the
clear on the local network towards the final destination. This
document discusses some scenarios in which such VPN tunnel traffic
leakages may occur as a result of employing IPv6-unaware VPN
software. Additionally, this document offers possible mitigations
for this issue.
This document is a product of the Operational Security Capabilities for
IP Network Infrastructure Working Group of the IETF.
INFORMATIONAL: This memo provides information for the Internet community.
It does not specify an Internet standard of any kind. Distribution of
this memo is unlimited.
This announcement is sent to the IETF-Announce and rfc-dist lists.
To subscribe or unsubscribe, see
https://www.ietf.org/mailman/listinfo/ietf-announce
https://mailman.rfc-editor.org/mailman/listinfo/rfc-dist
For searching the RFC series, see https://www.rfc-editor.org/search
For downloading RFCs, see https://www.rfc-editor.org/rfc.html
Requests for special distribution should be addressed to either the
author of the RFC in question, or to rfc-editor@...-editor.org. Unless
specifically noted otherwise on the RFC itself, all RFCs are for
unlimited distribution.
The RFC Editor Team
Association Management Solutions, LLC
--
Fernando Gont
e-mail: fernando@...t.com.ar || fgont@...networks.com
PGP Fingerprint: 7809 84F5 322E 45C7 F1C9 3945 96EE A9EF D076 FFF1
_______________________________________________
Sent through the Full Disclosure mailing list
http://nmap.org/mailman/listinfo/fulldisclosure
Web Archives & RSS: http://seclists.org/fulldisclosure/
Powered by blists - more mailing lists