Tru64 - Malformed TCP Packet Denial of Service Vulnerability

2002-01-31T00:00:00
ID EDB-ID:21261
Type exploitdb
Reporter Luca Papotti
Modified 2002-01-31T00:00:00

Description

Tru64 Malformed TCP Packet Denial Of Service Vulnerability. CVE-2002-2071. Dos exploit for unix platform

                                        
                                            source: http://www.securityfocus.com/bid/4011/info

It has been reported that Tru64 systems may be prone to a denial of service condition when handling malformed TCP packets.

Specifically, when processing a malformed TCP packet with both the SYN and FIN flags set, vulnerable Tru64 systems may block indefinitely, thus causing a denial of service. As a result other legitimate users may no longer be capable of accessing remote services.

This vulnerability is said to affect Tru64 4.0E as well as various versions of Digital Unix and VxWorks.

hping2 -a <spoofed ip> -SPF -p 21 -c 1 <dest ip>