Multiple Vendor ICMP Message Handling DoS

2005-04-12T15:58:40
ID OSVDB:15457
Type osvdb
Reporter Fernando Gont(fernando@gont.com.ar)
Modified 2005-04-12T15:58:40

Description

Vulnerability Description

Multiple ICMP implementations contains a flaw that may allow a remote denial of service. The issue is triggered due to the handling of ICMP error messages. By sending a specially crafted ICMP error message, a remote attacker could reset TCP connections resulting in a loss of availability.

Solution Description

Contact your vendor for an appropriate upgrade. An upgrade is required as there are no known workarounds.

Short Description

Multiple ICMP implementations contains a flaw that may allow a remote denial of service. The issue is triggered due to the handling of ICMP error messages. By sending a specially crafted ICMP error message, a remote attacker could reset TCP connections resulting in a loss of availability.

References:

Vendor URL: http://www.microsoft.com/ Vendor URL: http://www.netapp.com/ Vendor URL: https://www.watchguard.com/ Vendor URL: http://www.windriver.com/ Vendor URL: http://www.ibm.com/us/ Vendor URL: https://www.juniper.net/ Vendor URL: http://www.redback.com/ Vendor URL: http://www.sco.com/ Vendor URL: http://www.sun.com/ Vendor URL: http://www.openbsd.org/ Vendor URL: http://www.cisco.com/ Vendor Specific Advisory URL Vendor Specific Advisory URL Vendor Specific Advisory URL Vendor Specific Advisory URL Vendor Specific Advisory URL Vendor Specific Advisory URL Vendor Specific Advisory URL Vendor Specific Advisory URL Vendor Specific Advisory URL Vendor Specific Advisory URL Vendor Specific Advisory URL Vendor Specific Advisory URL Vendor Specific Advisory URL Security Tracker: 1013706 Security Tracker: 1013696 Security Tracker: 1013698 Security Tracker: 1013871 Secunia Advisory ID:14904 Secunia Advisory ID:14928 Secunia Advisory ID:14950 Secunia Advisory ID:22341 Secunia Advisory ID:14512 Secunia Advisory ID:15761 Secunia Advisory ID:16701 Secunia Advisory ID:14945 Secunia Advisory ID:18317 Other Advisory URL: http://www.niscc.gov.uk/niscc/docs/al-20050412-00308.html Other Advisory URL: http://www.watersprings.org/pub/id/draft-gont-tcpm-icmp-attacks-03.txt Other Advisory URL: http://www.ietf.org/internet-drafts/draft-gont-tcpm-icmp-attacks-03.txt Other Advisory URL: http://www.gont.com.ar/drafts/icmp-attacks-against-tcp.html Nessus Plugin ID:18028 Nessus Plugin ID:18023 Microsoft Security Bulletin: MS05-019 Microsoft Security Bulletin: MS06-064 Microsoft Knowledge Base Article: 922819 Mail List Post: http://archives.neohapsis.com/archives/bugtraq/2005-04/0291.html Mail List Post: http://archives.neohapsis.com/archives/bugtraq/2005-04/0399.html Keyword: aka the "blind connection-reset attack" ISS X-Force ID: 17170 CVE-2004-0790 CERT VU: 222750 Bugtraq ID: 13124