Security experts believe there are no known vulnerabilities in IPv6 that aren't already possible in IPv4. "We expect vulnerabilities in transition and tunneling protocols during the migration from IPv4 to IPv6," said Cory Benninger, CISSP Security Consultant at Foundstone Professional Services, a Division of McAfee, in an e-mail to TechWeb. "The IPv6 platform's immaturity is the largest vulnerability."
Implementation flaws in IPv6 have already hit a number of software vendors. Benninger provided a sample list: Cisco IOS IPv6 denial-of-service vulnerability, Linux Kernel IPv6 Denial of Service Vulnerability and Windows (XP, 2k3, Longhorn) is vulnerable to IPv6 Land attack.
IPv6 isn't backward compatible with IPv4. Lightman said transition will require encapsulation, tunneling or dual-stack routing where both protocols run simultaneously for awhile. O'Donovan said Microsoft Vista will be dual-stack.