UKNOF43 (Manchester)

Name: UKNOF43 (Manchester)
Start: 2019-04-09T00:25:00+01:00
End: 2019-04-09T20:30:00+01:00
Location: Manchester Central Convention Complex

9 April 2019

Manchester Central Convention Complex

Europe/London timezone

UKNOF43 admin

admin@uknof.org.uk

Scanning IPv6 Address Space… and the remote vulnerabilities it uncovers

9 Apr 2019, 17:40

15m

Charter 1, 2 & 3 (Manchester Central Convention Complex)

Charter 1, 2 & 3

Manchester Central Convention Complex

Petersfield Manchester M2 3GX

Standard Presentation Main Session

Marek Isalski (Faelix Limited)

During some research which found CVE-2018-19298 (MikroTik IPv6 Neighbor Discovery Protocol exhaustion), I uncovered a larger problem with MikroTik RouterOS’s handling of IPv6 packets. This led to CVE-2018-19299, an unpublished and as yet unfixed (despite almost one year elapsing since vendor acknowledgement) vulnerability in RouterOS which allows for remote, unauthenticated denial of service. Unpublished… until UKNOF 43!

Summary

Previously given at NetMcr (today). Two attendees suggested this as material for UKNOF43.

Talk Duration	15 minutes
May we live webcast the talk?<br />(recordings will be available publicly online)	Yes
May we publish the slides on our website?	Yes
Your consent for us to publish your name and<br />affiliation as a Speaker on the UKNOF43 website	Yes

Marek Isalski (Faelix Limited)

Presentation Video

UKNOF 43 IPv6 Scanning Marek Isalski.pdf

UKNOF43 (Manchester)

UKNOF43 admin

Scanning IPv6 Address Space… and the remote vulnerabilities it uncovers

Charter 1, 2 & 3

Manchester Central Convention Complex

Speaker

Description

Summary

Primary author

Presentation materials