[35584] in bugtraq


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

Enterasys XSR Security Routers DoS

daemon@ATHENA.MIT.EDU (Frederico Queiroz)
Sat Jul 3 13:35:20 2004

content-class: urn:content-classes:message
MIME-Version: 1.0
Content-Type: text/plain;
	charset="us-ascii"
Date: Fri, 2 Jul 2004 15:00:50 -0300
Message-ID: <75DE82D2B10F0C4BA016F1D80367DA0618A8EE@guilder.ish.com.br>
From: "Frederico Queiroz" <fqueiroz@ish.com.br>
To: <bugtraq@securityfocus.com>
Content-Transfer-Encoding: 8bit

Description: Enterasys XSR Security Routers crash when passing a packet
with the option record route.

System Vulnerable: This vulnerability was found in XSR-1800 series.
(firmware 7.0.0.0)

Proof-of-concept: I've used Hping (http://www.hping.org/) to perform
this example:

hping3 -1 -G www.uol.com.br

Vendor at Brazil was informed about this.

Frederico Queiroz
Security Consultant/ISH Tecnologia
Phone: +55-27-3334-8900
E-mail: fqueiroz@ish.com.br


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

[35584] in bugtraq

Enterasys XSR Security Routers DoS

daemon@ATHENA.MIT.EDU (Frederico Queiroz)Sat Jul 3 13:35:20 2004

daemon@ATHENA.MIT.EDU (Frederico Queiroz)
Sat Jul 3 13:35:20 2004