Visit our newest sister site!
Hundreds of free aircraft flight manuals
Civilian • Historical • Military • Declassified • FREE!


TUCoPS :: Network Appliances :: marlin.htm

Scorpion Marlin - 0 byte UPD packet sent to SNMP port crashes it



Vulnerability

    Scorpion Marlin

Affected

    Scorpion Marlin (Nautica)

Description

    Christophe Grenier found following.   A 0 byte udp packet  sent to
    SNMP port (nmap -sU -p 161 pont-vesale) crashes the bridge.

        nef:~$ snmpwalk pv public system
        system.sysDescr.0 = "ScorpionMarlin"
        system.sysObjectID.0 = OID: enterprises.541.1
        system.sysUpTime.0 = Timeticks: (130641320) 15 days, 2:53:33.20
        system.sysContact.0 = "NoContact"
        system.sysName.0 = "PONT-VESALE"
        system.sysLocation.0 = "NoLocation"
        system.sysServices.0 = 15

    nmap documentation extract:

        -sU    UDP scans: This method is used to  determine  which
               UDP  (User  Datagram  Protocol,  RFC 768) ports are
               open on a host.  The technique is to  send  0  byte
               udp packets to each port on the target machine.  If
               we receive an ICMP port unreachable  message,  then
               the  port  is  closed.   Otherwise  we assume it is
               open.

    This is manufactured by Nautica from Bay Networks/Nortel.

Solution

    Nothing yet.


TUCoPS is optimized to look best in Firefox® on a widescreen monitor (1440x900 or better).
Site design & layout copyright © 1986-2014 AOH