Search...

CVE-2000-0041

1999-12-28T05:00:00

ID CVE-2000-0041
Type cve
Reporter cve@mitre.org
Modified 2008-09-10T19:02:00

Description

Macintosh systems generate large ICMP datagrams in response to malformed datagrams, allowing them to be used as amplifiers in a flood attack.

JSON Vulners Source

Initial Source

{"id": "CVE-2000-0041", "bulletinFamily": "NVD", "title": "CVE-2000-0041", "description": "Macintosh systems generate large ICMP datagrams in response to malformed datagrams, allowing them to be used as amplifiers in a flood attack.", "published": "1999-12-28T05:00:00", "modified": "2008-09-10T19:02:00", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}, "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2000-0041", "reporter": "cve@mitre.org", "references": ["http://www.securityfocus.com/bid/890"], "cvelist": ["CVE-2000-0041"], "type": "cve", "lastseen": "2019-05-29T18:07:36", "history": [], "edition": 1, "hashmap": [{"key": "affectedSoftware", "hash": "f492b3b4d6f01ca6be35114e5f6c0a5e"}, {"key": "bulletinFamily", "hash": "601892ece72be3be2f57266ca2354792"}, {"key": "cpe", "hash": "1ff0673d165524353c713a5851d0e4a0"}, {"key": "cpe23", "hash": "58d0f5993e2522e387f3e6f8f330b146"}, {"key": "cvelist", "hash": "66a4f334b9055f258bd0ef28807a058c"}, {"key": "cvss", "hash": "41b62a8aa1ee5c40897717cadc30784a"}, {"key": "cvss2", "hash": "85fc9715d07b57d9e72056856b007c7b"}, {"key": "cvss3", "hash": "d41d8cd98f00b204e9800998ecf8427e"}, {"key": "cwe", "hash": "78a7a5cbaf09985c14389298e454e7db"}, {"key": "description", "hash": "66c51f9ce5e490040d52e8de24156e0f"}, {"key": "href", "hash": "52e25ca2ad463b6bb874cf2775979edd"}, {"key": "modified", "hash": "637df748b4c6cb1a41560d1754a6be16"}, {"key": "published", "hash": "a66650a2f072e82d3281746d87bd3258"}, {"key": "references", "hash": "dd7f41df6458da973648dab7810fdd04"}, {"key": "reporter", "hash": "444c2b4dda4a55437faa8bef1a141e84"}, {"key": "title", "hash": "6bb18e62767cd51bc0db581608b48f27"}, {"key": "type", "hash": "1716b5fcbb7121af74efdc153d0166c5"}], "hash": "3a8188f7d2b945ea7896285e0dc4f38ffa29ecd49185c2e90f66d77f2a8e17bc", "viewCount": 0, "enchantments": {"dependencies": {"references": [{"type": "osvdb", "idList": ["OSVDB:1173"]}], "modified": "2019-05-29T18:07:36"}, "score": {"value": 5.8, "vector": "NONE", "modified": "2019-05-29T18:07:36"}, "vulnersScore": 5.8}, "objectVersion": "1.3", "cpe": ["cpe:/a:apple:mac_os:9.0", "cpe:/o:apple:mac_os:9.0"], "affectedSoftware": [{"name": "apple mac_os", "operator": "eq", "version": "9.0"}], "cvss2": {"cvssV2": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 5.0, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "MEDIUM", "userInteractionRequired": false}, "cvss3": {}, "cpe23": ["cpe:2.3:o:apple:mac_os:9.0:*:*:*:*:*:*:*"], "cwe": ["NVD-CWE-Other"]}

{"osvdb": [{"lastseen": "2017-04-28T13:19:55", "bulletinFamily": "software", "description": "## Vulnerability Description\nOpen Transport in Mac OS 9 contains a flaw that may allow a remote denial of service. The issue is triggered when sending a malformed 29 byte long UDP packet, which will cause the machine to respond with an 1,500 byte long ICMP packet. It is possible for a remote attacker to use this behavior as an amplifier against other targets.\n## Solution Description\nUpgrade to Open Transport version 2.6 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.\n## Short Description\nOpen Transport in Mac OS 9 contains a flaw that may allow a remote denial of service. The issue is triggered when sending a malformed 29 byte long UDP packet, which will cause the machine to respond with an 1,500 byte long ICMP packet. It is possible for a remote attacker to use this behavior as an amplifier against other targets.\n## References:\nVendor URL: http://www.apple.com/\nVendor Specific Solution URL: http://docs.info.apple.com/article.html?artnum=58805\nMail List Post: http://archives.neohapsis.com/archives/bugtraq/1999-q4/0523.html\nMail List Post: http://archives.neohapsis.com/archives/bugtraq/1999-q4/0524.html\nMail List Post: http://archives.neohapsis.com/archives/bugtraq/1999-q4/0504.html\nMail List Post: http://archives.neohapsis.com/archives/bugtraq/1999-q4/0515.html\nISS X-Force ID: 3752\n[CVE-2000-0041](https://vulners.com/cve/CVE-2000-0041)\nBugtraq ID: 890\n", "modified": "1999-12-29T00:00:00", "published": "1999-12-29T00:00:00", "href": "https://vulners.com/osvdb/OSVDB:1173", "id": "OSVDB:1173", "title": "Mac OS 9 Open Transport Malformed ICMP Datagram Response DoS", "type": "osvdb", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}]}