wide-area network is also possible.
More information on Mobile IPv6 can be found at the following link:
http://www.cisco.com/en/US/docs/ios/ipv6/configuration/guide/ip6-mobile.html
The Mobile IP Support NAT Traversal feature is documented in RFC
3519. It introduces an alternative method for tunneling Mobile IP
data traffic. New extensions in the Mobile IP registration request
and reply messages have been added for establishing User Datagram
Protocol (UDP) tunneling. This feature allows mobile devices in
collocated mode that use a private IP address (RFC 1918) or foreign
malicious message with no sender was received by a user on their
device, the user may be enticed in taking action or clicking the
URI that could lead to a second order attack.
Mitigating Factors: By default Windows mobile device policy require
SI messages to be authenticated. The Mobile Operators have the
ability to change the policy to not requiring authentication in
order for 3rd party ring tones and other SI messages.
Microsoft will look into a different architecture in future versions.
EMC SW: EMC SourceOne Email Management for Notes/Domino 6.6.0.1209 (HF1) and earlier
NOTE: New installations using SourceOne Email Management 6.6 SP1 and later are not affected by this issue.
This ESA applies only to SourceOne customers using the Mobile Services component of SourceOne Email Management. The Mobile Services component is included in the EMC SourceOne Email Management software kit and is used only in the following environments:
EMC SourceOne Email Management
EMC SourceOne for File Systems
Vulnerability Summary:
An overview of how the application and protocol works is available at:
http://bnetauth.freeportal.us/specification.html
Summary:
The Mobile Authenticator client/server initialization protocol is insecure.
Any attacker that is able to capture the request/response pair can fully
compromise the Serial Number/Secret Key which is vital to the secure
operation of the authentication mechanism.
Description:
