Linux Kernel Zero Length IP Fragmentation DoS

1999-03-24T00:00:00
ID OSVDB:5941
Type osvdb
Reporter John McDonald (jmcdonal@unf.edu )
Modified 1999-03-24T00:00:00

Description

Vulnerability Description

Linux kernel contains a flaw that may allow a remote denial of service. The issue is triggered when a 0-length IP fragment is received, if it is the first fragment in the list. A remote attacker can send several thousands 0-length packets to the target and will result in loss of availability.

Solution Description

Upgrade to version 2.2.4 or higher, as it has been reported to fix this vulnerability. A patch provided by John McDonald is also available.

Short Description

Linux kernel contains a flaw that may allow a remote denial of service. The issue is triggered when a 0-length IP fragment is received, if it is the first fragment in the list. A remote attacker can send several thousands 0-length packets to the target and will result in loss of availability.

References:

Vendor Specific Advisory URL Other Solution URL: http://downloads.securityfocus.com/vulnerabilities/patches/linux-0fragment.patch Nessus Plugin ID:10134 Mail List Post: http://archives.neohapsis.com/archives/bugtraq/1999_1/1079.html ISS X-Force ID: 2041 Generic Exploit URL: http://downloads.securityfocus.com/vulnerabilities/exploits/sesquipedalian.c CVE-1999-0431 Bugtraq ID: 2247