Visit our newest sister site!
Hundreds of free aircraft flight manuals
Civilian • Historical • Military • Declassified • FREE!


TUCoPS :: Unix :: General :: unix4900.htm

IPRoute



6th Dec 2001 [SBWID-4900]
COMMAND

	IPRoute

SYSTEMS AFFECTED

	 IPRoute v1.18

	 IPRoute v0.974

	 IPRoute v0.973

	

PROBLEM

	Chris Gragsone and The TechnoDragon Foot Clan reported following  Denial
	of Service, regarding IPRoute, by David F. Mischler, which  is  PC-based
	router software for networks running the  Internet  Protocol  (IP)  (see
	http://www.trunkmonkey.com/homenetwork/iproute/ )
	

	The implementation of the router in IPRoute does  not  correctly  handle
	tiny fragmented packets, which split up the tcp header. If a  series  of
	tiny fragmented  packets  were  recieved  by  IPRoute,  it  would  cause
	IPRoute to fail. IPRoute could  be  put  back  into  normal  service  by
	restarting the interface, but all connections during  the  attack  would
	drop. It is not necessary  for  the  attacker  to  establish  a  session
	through  IPRoute  in  order  to  exploit  this  vulnerability.   ZapNET!
	firewalls are based on IPRoute and may also be vulnerable.
	

	The specific sequence of data packets involved with  this  vulnerability
	cannot be generated as part of a legitimate connection.
	

	Vulnerability Reproduction: Simply \"nmap -sS -f  ip-address\".  IPRoute
	will be unable to send or receive via the interface  affected  until  it
	is manually restarted.

SOLUTION

	Nothing yet.


TUCoPS is optimized to look best in Firefox® on a widescreen monitor (1440x900 or better).
Site design & layout copyright © 1986-2014 AOH