[25805] in bugtraq
Fore/Marconi ATM Switch 'land' vulnerability
daemon@ATHENA.MIT.EDU (Seeker of Truth)
Sat Jun 15 12:50:06 2002
From: "Seeker of Truth" <seeker_sojourn@hotmail.com>
To: bugtraq@securityfocus.com
Date: Fri, 14 Jun 2002 23:35:41 +0000
Mime-Version: 1.0
Content-Type: text/plain; format=flowed
Message-ID: <F16103xv3Ho8Xu1njpu00003202@hotmail.com>
System Versions FT6.1.1 and FT7.0.1
Laboratory testing indicates that a single 'land' packet sent to the telnet port (23) of either the inband or out-of-band interface will cause the device to stop responding to IP traffic. Over the course of 6-1/2 minutes, all CPU will be consumed and the device reboots.
Basically a packet is forged with the source and destination IP address and ports identical.
We reproduced it using Internet Security Scanner 6.01 and the 'land' and 'ciscoland' tests.
Many sources and derivatives are available on public security websites.
It's a TCP/IP stack bug that's been known since 1997. Here are some links:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-1999-0016
http://www.cert.org/advisories/CA-1997-28.html
http://www.securityfocus.com/frames/?content=/templates/archive.pike%3Flist%3D1%26mid%3D8081
Vendor notified one year ago today :-)
-oo-
seeker
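A defensive check for the packet shape described in the message, as an added example that is not part of the original post: it parses a raw IPv4 packet and flags a TCP segment whose source and destination address and port are identical, the condition a filter in front of the management interface would drop or alert on. The function names, the 192.0.2.0/24 documentation addresses and the constructed sample packets are assumptions.

```python
import socket
import struct

def is_land_packet(pkt: bytes) -> bool:
    """True if a raw IPv4 packet carries TCP with src addr:port == dst addr:port."""
    if len(pkt) < 20 or pkt[0] >> 4 != 4:
        return False                      # too short, or not IPv4
    ihl = (pkt[0] & 0x0F) * 4             # IP header length; options shift the TCP header
    if ihl < 20 or len(pkt) < ihl + 4:
        return False                      # malformed or truncated before the TCP ports
    if pkt[9] != 6:
        return False                      # protocol field: 6 = TCP
    if struct.unpack("!H", pkt[6:8])[0] & 0x1FFF:
        return False                      # non-first fragment has no TCP header
    sport, dport = struct.unpack("!HH", pkt[ihl:ihl + 4])
    return pkt[12:16] == pkt[16:20] and sport == dport

def sample_packet(src, dst, sport, dport, ip_options=b""):
    """Constructed test input (checksums left at zero): IPv4 + TCP SYN headers."""
    ihl_words = 5 + len(ip_options) // 4
    ip = struct.pack("!BBHHHBBH4s4s", (4 << 4) | ihl_words, 0,
                     ihl_words * 4 + 20, 0, 0, 64, 6, 0,
                     socket.inet_aton(src), socket.inet_aton(dst)) + ip_options
    tcp = struct.pack("!HHIIBBHHH", sport, dport, 0, 0, 5 << 4, 0x02, 8192, 0, 0)
    return ip + tcp

# Constructed samples using the 192.0.2.0/24 documentation range.
SAMPLES = {
    "land to telnet": sample_packet("192.0.2.10", "192.0.2.10", 23, 23),
    "land with IP options": sample_packet("192.0.2.10", "192.0.2.10", 23, 23, b"\x01" * 4),
    "normal telnet SYN": sample_packet("192.0.2.99", "192.0.2.10", 40000, 23),
    "same ports, different hosts": sample_packet("192.0.2.99", "192.0.2.10", 23, 23),
}

if __name__ == "__main__":
    for name, pkt in SAMPLES.items():
        print(f"{name:30} {'DROP/ALERT' if is_land_packet(pkt) else 'pass'}")
```

The check reads the TCP ports at the offset given by the IP header length field, so a packet carrying IP options is still matched.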