OSEC

Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com
 
From: Keith Pachulski (Keith.PachulskiCORP.PTD.NET)
Date: Mon Feb 19 2001 - 09:40:02 CST

  • Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

    -----BEGIN PGP SIGNED MESSAGE-----
    Hash: SHA1

    Denial of Service Condition exists in Fore/Marconi ASX Switches
    - ----------------------------------------------------------------------
    - -

    Author: Keith Pachulski, PenTeleData Network Security Team
    <keithpcorp.ptd.net>

    Tested: Condition was tested and verified on ASX-1000 switches
    running ForeThought6.2 software.

    Problem: When an ASX switch receives a crafted packet with certain
    attributes in the packet, the ASX switch telnetd and/or httpd will
    enter into a close wait state and refuse telnet and web interface
    management connections until the switch is reloaded. Which service to
    enter into the close wait state depends on which service was
    targeted. If both telnet and web are targeted, the switch will become
    unresponseive to all remote management. The switch will need to be
    physically power cycled to allow for management. The attack does not
    hinder the switches ability to operate though, it only refuses
    connections for remote management.

    Vulnerability: A combination of SYN-FIN and More Fragments will cause
    the remote management service to enter into a close_wait state until
    the switch is power cycled.

    Workaround: Filter all traffic destined to the switches for remote
    management. There is no vendor supplied patch or code upgrade as of
    this writing for the Denial of Service condition. The vendor has been
    notified and is aware of this condition in the device.

    -----BEGIN PGP SIGNATURE-----
    Version: PGPfreeware 6.5.8 for non-commercial use <http://www.pgp.com>

    iQA/AwUBOpE99OGTq6qVSXTQEQLM0gCfcuUJqNUQbkahqGMgzs4cxYhV/wcAmwR2
    0VNKvFxrPlrzMSB7lG0v3yU1
    =HGl1
    -----END PGP SIGNATURE-----