{"document":{"aggregate_severity":{"namespace":"https://www.suse.com/support/security/rating/","text":"critical"},"category":"csaf_vex","csaf_version":"2.0","distribution":{"text":"Copyright 2024 SUSE LLC. All rights reserved.","tlp":{"label":"WHITE","url":"https://www.first.org/tlp/"}},"lang":"en","notes":[{"category":"summary","text":"SUSE CVE-2008-2476","title":"Title"},{"category":"description","text":"The IPv6 Neighbor Discovery Protocol (NDP) implementation in (1) FreeBSD 6.3 through 7.1, (2) OpenBSD 4.2 and 4.3, (3) NetBSD, (4) Force10 FTOS before E7.7.1.1, (5) Juniper JUNOS, and (6) Wind River VxWorks 5.x through 6.4 does not validate the origin of Neighbor Discovery messages, which allows remote attackers to cause a denial of service (loss of connectivity) or read private network traffic via a spoofed message that modifies the Forward Information Base (FIB).","title":"Description of the CVE"},{"category":"legal_disclaimer","text":"CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).","title":"Terms of use"}],"publisher":{"category":"vendor","contact_details":"https://www.suse.com/support/security/contact/","name":"SUSE Product Security Team","namespace":"https://www.suse.com/"},"references":[{"category":"external","summary":"CVE-2008-2476","url":"https://www.suse.com/security/cve/CVE-2008-2476"},{"category":"external","summary":"SUSE Security Ratings","url":"https://www.suse.com/support/security/rating/"},{"category":"external","summary":"SUSE Bug 412118 for CVE-2008-2476","url":"https://bugzilla.suse.com/412118"}],"title":"SUSE CVE CVE-2008-2476","tracking":{"current_release_date":"2023-02-15T06:08:05Z","generator":{"date":"2023-02-15T06:08:05Z","engine":{"name":"cve-database.git:bin/generate-csaf-vex.pl","version":"1"}},"id":"CVE-2008-2476","initial_release_date":"2023-02-15T06:08:05Z","revision_history":[{"date":"2023-02-15T06:08:05Z","number":"2","summary":"Current version"}],"status":"interim","version":"2"}}}