11502 : Multiple BSD sysctl Control Failure Source Routing Attack
Printer | http://osvdb.org/11502 | Email This | Edit Vulnerability

Views This Week

Views All Time

160

Info

Last Modified

10 months ago

Percent Complete

90%

Disclosure

Feb 15, 1998

Discovery

Unknown

Dates

Exploit

Unknown

Solution

Unknown

Description

Multiple BSDs contain a flaw that may allow a malicious user to spoof TCP connections against BSD hosts on networks that do not filter source routed packets via router packet filters. The issue is triggered when the sysctl system configuration control for "do source route" does not prevent source routed packets from being accepted by 4.4BSD kernels, even when the sysctl variable net.inet.ip.dosourceroute is set to '0'. It is possible that the flaw may result in a loss of integrity.

Classification

Location: Remote/Network Access Required
Attack Type: Infrastructure
Impact: Loss of Integrity
Exploit: Exploit Unavailable
Disclosure: OSVDB Verified

Solution

Currently, there are no known workarounds or upgrades to correct this issue. However, FreeBSD and OpenBSD have released patches to address this vulnerability.

Products

FreeBSD Project	FreeBSD	2.1
		2.2.5
		2.1.5
		2.1.6
		2.1.7
		2.2
		2.2.1
		2.2.2

OpenBSD	OpenBSD	2.0
		2.1
		2.2

References

CVE ID: 1999-0305 (see also: NVD)
ISS X-Force ID: 736
Vendor Specific Solution URL: http://www.openbsd.org/advisories/sourceroute.txt
Vendor Specific Advisory URL: http://www.openbsd.org/advisories/sourceroute.txt

Credit

Unknown or Incomplete

Blogs

Provided by Technorati

None found at this time

Comments

Add Comment Hide Add Comment

No Comments.

DONATE NOW!

User Status

Account
- Login
- Sign-Up

Quick Searches

Views This Week

Views All Time

Info

Last Modified

Percent Complete

Disclosure

Discovery

Dates

Exploit

Solution

Description

Classification

Solution

Products

FreeBSD Project

FreeBSD

OpenBSD

OpenBSD

References

Credit

Blogs

Comments