Visit our newest sister site!
Hundreds of free aircraft flight manuals
Civilian • Historical • Military • Declassified • FREE!

TUCoPS :: Network Appliances :: napl5458.htm

Fore/Marconi ATM Switch 'land' vulnerability
17th Jun 2002 [SBWID-5458]

	Fore/Marconi ATM Switch \'land\' vulnerability


	Versions FT6.1.1 and FT7.0.1


	Seeker of Truth [] found following:

	Labratory testing indicates that a single \'land\' packet  sent  to  the
	telnet port (23) of either the  inband  or  out-of-band  interface  will
	cause the device to stop responding to ip traffic. Over  the  course  of
	6-1/2 minutes, all CPU will be consumed and device reboots.

	Basically a packet is forged with the source and destination IP  address
	and ports identical.

	We reproduced it using Internet Security Scanner 6.01 and  the  \'land\'
	and \'ciscoland\' tests. Many sources and derivatives are  available  on
	public security websites.

	It\'s a TCP/IP stack bug that\'s been known since 1997.  Here  are  some

	Vendor notified one year ago today :-)


	Nothing yet.

TUCoPS is optimized to look best in Firefox® on a widescreen monitor (1440x900 or better).
Site design & layout copyright © 1986-2015 AOH