Tru64 - Malformed TCP Packet Denial of Service Vulnerability

ID EDB-ID:21261
Type exploitdb
Reporter Luca Papotti
Modified 2002-01-31T00:00:00


Tru64 Malformed TCP Packet Denial Of Service Vulnerability. CVE-2002-2071. Dos exploit for unix platform


It has been reported that Tru64 systems may be prone to a denial of service condition when handling malformed TCP packets.

Specifically, when processing a malformed TCP packet with both the SYN and FIN flags set, vulnerable Tru64 systems may block indefinitely, thus causing a denial of service. As a result other legitimate users may no longer be capable of accessing remote services.

This vulnerability is said to affect Tru64 4.0E as well as various versions of Digital Unix and VxWorks.

hping2 -a <spoofed ip> -SPF -p 21 -c 1 <dest ip>