Rapid7 Vulnerability & Exploit Database

IRDP (ICMP Router Discovery Protocol) enabled


Severity: 8
CVSS: (AV:N/AC:L/Au:N/C:P/I:P/A:P)
Published: 08/11/1999
Created: 07/25/2018
Added: 11/01/2004
Modified: 06/15/2017

Description

ICMP Router Discovery Protocol (IRDP) is enabled on this host. IRDP is an extension to the ICMP protocol that allows hosts to discover routers on their networks by listening for "router advertisement" broadcasts. Receipt of router advertisement messages by a host may result in changes to the host's routing table. Since IRDP does not authenticate router advertisement messages, hosts running IRDP can be spoofed into changing their routes.

An attacker could send spoofed IRDP router advertisement messages to the host, causing it to change its default route to whatever the attacker chooses. This could result in either a complete denial of service (i.e. changing the default gateway to something invalid) or susceptibility to passive sniffing and/or man-in-the-middle attacks (i.e. changing the gateway to a router under the attacker's control).
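
Because the advertisements are unauthenticated, a monitoring host can at least check each one against a list of known gateways. The Python below is an added example, not part of the original entry or Rapid7's code: it decodes an ICMP router advertisement using the RFC 1256 layout and reports unlisted sources or routers. The allow-list, function names and sample payloads are constructed for illustration.

```python
import ipaddress
import struct

ICMP_ROUTER_ADVERTISEMENT = 9  # ICMP type assigned by RFC 1256

# Constructed sample ICMP payloads (IP header already stripped), not captures.
SAMPLE_KNOWN = bytes.fromhex("09002cf401020708c000020100000000")    # advertises 192.0.2.1
SAMPLE_UNKNOWN = bytes.fromhex("0900c47f01020708c633644200000000")  # advertises 198.51.100.66
KNOWN_ROUTERS = {"192.0.2.1"}  # assumption: the site's legitimate gateways

def inet_checksum(data: bytes) -> int:
    """RFC 1071 one's-complement checksum; 0 over a message with a valid checksum."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack(f"!{len(data) // 2}H", data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF

def parse_router_advertisement(icmp: bytes) -> dict:
    """Decode an RFC 1256 router advertisement or raise ValueError."""
    if len(icmp) < 8:
        raise ValueError("truncated ICMP header")
    msg_type, _code, _cksum, num_addrs, entry_size, lifetime = struct.unpack("!BBHBBH", icmp[:8])
    if msg_type != ICMP_ROUTER_ADVERTISEMENT:
        raise ValueError("not a router advertisement")
    if inet_checksum(icmp) != 0:
        raise ValueError("bad ICMP checksum")
    # Each entry is entry_size 32-bit words: router address, then preference level.
    if num_addrs < 1 or entry_size < 2 or len(icmp) < 8 + num_addrs * entry_size * 4:
        raise ValueError("malformed or truncated address entries")
    routers = []
    for i in range(num_addrs):
        addr, pref = struct.unpack_from("!4si", icmp, 8 + i * entry_size * 4)
        routers.append((str(ipaddress.IPv4Address(addr)), pref))
    return {"lifetime": lifetime, "routers": routers}

def audit_advertisement(src_ip: str, icmp: bytes, known=KNOWN_ROUTERS) -> list:
    """Return findings for an advertisement that does not match the allow-list."""
    findings = []
    if src_ip not in known:
        findings.append(f"advertisement sent by unlisted source {src_ip}")
    for addr, _pref in parse_router_advertisement(icmp)["routers"]:
        if addr not in known:
            findings.append(f"unlisted router {addr} advertised by {src_ip}")
    return findings

if __name__ == "__main__":
    print(audit_advertisement("192.0.2.1", SAMPLE_KNOWN))
    print(audit_advertisement("198.51.100.66", SAMPLE_UNKNOWN))
```

A source address on the allow-list is not proof of origin, since the source can be spoofed as well; the check narrows what needs investigation and does not replace disabling IRDP on hosts.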

Solution(s)

  • generic-icmp-irdp-block-disable-ios
  • generic-icmp-irdp-block-disable-vista_2k8
  • generic-icmp-irdp-block-disable-nt-w2k-xp
  • generic-icmp-irdp-block-disable-openbsd
  • generic-icmp-irdp-block-disable-solaris
  • generic-icmp-irdp-block-disable-w9x-me
