[27022] in bugtraq
Scan against Enterasys SSR8000 crash the system
daemon@ATHENA.MIT.EDU (Mella Marco)
Fri Sep 13 11:13:44 2002
Message-ID: <2D76ABEB751DD2119DAB0008C7243D4B046885D4@exchange-one.pm.saritel.it>
From: Mella Marco <m.mella@saritel.it>
To: bugtraq@securityfocus.com
Date: Fri, 13 Sep 2002 11:44:31 +0200
MIME-Version: 1.0
Content-Type: text/plain;
charset="iso-8859-1"
Content-Transfer-Encoding: 8bit
The SSR8000 (Smart Switch Router) listening on tcp ports 15077 and 15078,
this ports are used for MPS code.
For more information about ATM MPOA Server (MPS) :
http://www.enterasys.com/support/techtips/tk0659-9.html
Sending few packets on tcp ports 15077 and 15078 against SSR8000 with
firmware E8.2.0.0, and E8.3.0.4 the system go down.
Test 1
From Linux-pc (IP 10.2.1.2) to SSR " nmap -PT 10.2.1.1 -p '15077-15078' "
single scan
Result
No Crash
Test 2
If we do two test “ nmap -PT 10.2.1.1 -p '15077-15078'” in same time or in
few time
Result
CPU at 1%
System go down
Solution
Temporary solution: ACL for denies any access to ports 15077 15078 from any
interfaces
Definitive solution: Upgrade the firmware of SSR to 8.3.0.10 or greater
Notes
probably the problem is present on other versions with firmware previous to
version 8.3.0.10
Marco
mail: m.mella@saritel.it
