15619 : Multiple Vendor ICMP Implementation Malformed Path MTU DoS
Printer | http://osvdb.org/15619 | Email This | Edit Vulnerability

Views This Week

Views All Time

122

Info

Last Modified

2 months ago

Percent Complete

100%

Disclosure

Apr 16, 2005

Discovery

Unknown

Dates

Exploit

Apr 20, 2005

Solution

Unknown

Description

Multiple ICMP implementations contains a flaw that may allow a remote denial of service. The issue is triggered due to the handling of ICMP error messages and when the "Path MTU Discovery" (PMTUD) mechanism is used. By sending a specially crafted ICMP error message, a remote attacker could arbitrary reduce the throughput of a TCP connection resulting in a loss of availability.

Classification

Location: Remote/Network Access Required
Attack Type: Denial of Service
Impact: Loss of Availability
Exploit: Exploit Unknown
Disclosure: OSVDB Verified

Solution

Contact your vendor for an appropriate upgrade. An upgrade is required as there are no known workarounds.

Products

OpenBSD

3.4

Apple Computer, Inc.	Mac OS X	10.0.x
		10.1.x

Sun Microsystems, Inc.	Sun Solaris	9
		8
		7
		10

Wind River Systems Inc.	VxWorks	5.5.x
		5.4

International Business Machines Corporation

AIX

Unknown or Unspecified

Juniper Networks, Inc.

JUNOS

Unknown or Unspecified

Network Appliance, Inc.

Data ONTAP

Unknown or Unspecified

Redback Networks Inc.	SMS	Unknown or Unspecified
Redback Networks Inc.	SmartEdge	Unknown or Unspecified

SCO Group, Inc.

UnixWare

7.1.4 Maintenance Pack 1

WatchGuard Technologies, Inc.

All Products

All Versions

Cisco Systems, Inc.	IOS	12.0
		12.1
		12.2
		12.3
	IOS XR	Unknown or Unspecified
	Cisco IP Phone 7940G	Unknown or Unspecified
	Cisco IP Phone 7960G	Unknown or Unspecified
	Cisco PIX Security Appliance	Unknown or Unspecified
	Cisco VPN 5000 Concentrator	Unknown or Unspecified
	Cisco ONS 15454	Unknown or Unspecified
	Cisco ONS 15302	Unknown or Unspecified
	Cisco ONS 15305	Unknown or Unspecified

Nortel Networks Limited	Wireless Access Point	7220
	Switch	Model 2216T
	VPN Router	100, 1010, 1050, 1100, 1700, 1740, 1750, 2700, 5000, Portfolio
	Alteon	180, 180 Plus, 180e
	Access Node (AN)	Unknown or Unspecified
	Access Node Hub (ANH)	Unknown or Unspecified
	Advanced Remote Node (ARN)	Unknown or Unspecified
	Alteon ACEdirector2	Unknown or Unspecified
	Alteon CACHEdirector Series	Unknown or Unspecified
	Alteon Web Switch	AD3
	Application Switch	2208, 2216, 2224, 2424-SSL, 2424, 2424
	Backbone Concentrator Node (BCN)	Unknown or Unspecified
	Backbone Link Node (BLN)	Unknown or Unspecified
	BayStack 100 Hubs	100, 100Base-T
	BayStack Hub	150, 200, 250
	BayStack Switch	28200, 303, 304
	BayStack Switch	310-24T, 310-24T, 380-24T, 410-24T
	BayStack 30T - 30F Converter	Unknown or Unspecified
	Bulletin temp product	Unknown or Unspecified
	Business Policy Switch	Unknown or Unspecified
	Content Cache	Unknown or Unspecified
	Content Director	Unknown or Unspecified
	Content Manager	Unknown or Unspecified
	Contivity VPN Switch	400, 1000, 1500, 2000, 2500, 4000
	Contivity Secure IP Services Gateway	1600, 2600, 4500, 4600
	e-mobility Wireless LAN	Unknown or Unspecified
	Ethernet Routing Switch	1150, 5510, 5520, 5530-24TFD, 8300, 8600, RPS 15, Web Switching Module
	Ethernet Switch	325, 380-24F, 420-24T, 425-24T, 450-24T, 460-24T-PWR, 470-24T, 470-48T, Portfolio, Power Supply Unit 10
	Instant Internet	100-S
	Media Gateway	15000, 7400
	Metro Ethernet Routing Switch	8600
	Intelligent Traffic Management Signature for EMS Wizard	Unknown or Unspecified
	Link Optimizer	2430, 5430
	Multiprotocol Router	6400, 7400
	Multiservice Switch	15000, 15000-VSS, 15000/20000, 20000
	Passport Routing Switch	1100 , 1200
	Passport	4120
	Passport Packet Voice Gateway (PVG)	Unknown or Unspecified
	Security Element Manager	Unknown or Unspecified
	Services Edge Router	5500
	SSL Accelerator	Unknown or Unspecified
	SSL VPN	Unknown or Unspecified
	Switched Firewall	5100, 6000
	VPN Client	Unknown or Unspecified
	VPN Gateway	3050
	Web Switch	184, AD4
	Wireless Gateway	7250

Microsoft Corporation	Windows	2000 SP3
		98
		98 SE
		ME
		2000 SP4
		XP SP1
		XP SP2
		2003 Server
		XP x64 Version 2003
		XP x64 SP1

References

Tools & Filters

Nessus	18023 18028
Snort	3626

Credit

Fernando Gont - fernandogont.com.ar -

Blogs

Provided by Technorati

None found at this time

Comments

Add Comment Hide Add Comment

No Comments.

DONATE NOW!

User Status

Account
- Login
- Sign-Up

Quick Searches

Views This Week

Views All Time

Info

Last Modified

Percent Complete

Disclosure

Discovery

Dates

Exploit

Solution

Description

Classification

Solution

Products

OpenBSD

Mac OS X

Sun Solaris

VxWorks

AIX

JUNOS

Data ONTAP

SMS

SmartEdge

UnixWare

All Products

IOS

IOS XR

Cisco IP Phone 7940G

Cisco IP Phone 7960G

Cisco PIX Security Appliance

Cisco VPN 5000 Concentrator

Cisco ONS 15454

Cisco ONS 15302

Cisco ONS 15305

Wireless Access Point

Switch

VPN Router

Alteon

Access Node (AN)

Access Node Hub (ANH)

Advanced Remote Node (ARN)

Alteon ACEdirector2

Alteon CACHEdirector Series

Alteon Web Switch

Application Switch

Backbone Concentrator Node (BCN)

Backbone Link Node (BLN)

BayStack 100 Hubs

BayStack Hub

BayStack Switch

BayStack 30T - 30F Converter

Bulletin temp product

Business Policy Switch

Content Cache

Content Director

Content Manager

Contivity VPN Switch

Contivity Secure IP Services Gateway

e-mobility Wireless LAN

Ethernet Routing Switch

Ethernet Switch

Instant Internet

Media Gateway

Metro Ethernet Routing Switch

Intelligent Traffic Management Signature for EMS Wizard

Link Optimizer

Multiprotocol Router

Multiservice Switch

Passport Routing Switch

Passport

Passport Packet Voice Gateway (PVG)

Security Element Manager

Services Edge Router

SSL Accelerator

SSL VPN

Switched Firewall

VPN Client

VPN Gateway

Web Switch

Wireless Gateway