ID CVE-2000-0041 Type cve Reporter NVD Modified 2008-09-10T15:02:24
Description
Macintosh systems generate large ICMP datagrams in response to malformed datagrams, allowing them to be used as amplifiers in a flood attack.
{"href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2000-0041", "history": [], "references": ["http://www.securityfocus.com/bid/890"], "lastseen": "2016-09-03T02:32:37", "bulletinFamily": "NVD", "title": "CVE-2000-0041", "cpe": ["cpe:/o:apple:mac_os:9.0"], "viewCount": 0, "id": "CVE-2000-0041", "hash": "9117f9a5bd5e9f690ced9c65fbcef709a6aace8bb29cb6cd86a2677c844a43de", "description": "Macintosh systems generate large ICMP datagrams in response to malformed datagrams, allowing them to be used as amplifiers in a flood attack.", "edition": 1, "assessment": {"name": "", "href": "", "system": ""}, "cvelist": ["CVE-2000-0041"], "scanner": [], "modified": "2008-09-10T15:02:24", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "objectVersion": "1.2", "reporter": "NVD", "type": "cve", "published": "1999-12-28T00:00:00", "enchantments": {"score": {"value": 5.0, "vector": "NONE", "modified": "2016-09-03T02:32:37"}, "vulnersScore": 5.0}}
{"osvdb": [{"lastseen": "2017-04-28T13:19:55", "references": [], "edition": 1, "description": "## Vulnerability Description\nOpen Transport in Mac OS 9 contains a flaw that may allow a remote denial of service. The issue is triggered when sending a malformed 29 byte long UDP packet, which will cause the machine to respond with an 1,500 byte long ICMP packet. It is possible for a remote attacker to use this behavior as an amplifier against other targets.\n## Solution Description\nUpgrade to Open Transport version 2.6 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.\n## Short Description\nOpen Transport in Mac OS 9 contains a flaw that may allow a remote denial of service. The issue is triggered when sending a malformed 29 byte long UDP packet, which will cause the machine to respond with an 1,500 byte long ICMP packet. It is possible for a remote attacker to use this behavior as an amplifier against other targets.\n## References:\nVendor URL: http://www.apple.com/\nVendor Specific Solution URL: http://docs.info.apple.com/article.html?artnum=58805\nMail List Post: http://archives.neohapsis.com/archives/bugtraq/1999-q4/0523.html\nMail List Post: http://archives.neohapsis.com/archives/bugtraq/1999-q4/0524.html\nMail List Post: http://archives.neohapsis.com/archives/bugtraq/1999-q4/0504.html\nMail List Post: http://archives.neohapsis.com/archives/bugtraq/1999-q4/0515.html\nISS X-Force ID: 3752\n[CVE-2000-0041](https://vulners.com/cve/CVE-2000-0041)\nBugtraq ID: 890\n", "reporter": "John Copeland(jacopeland@mediaone.net)", "published": "1999-12-29T00:00:00", "title": "Mac OS 9 Open Transport Malformed ICMP Datagram Response DoS", "type": "osvdb", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "bulletinFamily": "software", "affectedSoftware": [{"name": "Mac OS 9", "version": "9.0", "operator": "eq"}], "cvelist": ["CVE-2000-0041"], "modified": "1999-12-29T00:00:00", "href": "https://vulners.com/osvdb/OSVDB:1173", "id": "OSVDB:1173", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}]}
