Multiple BSD TCP/IP Stacks IP Fragmentation Remote DoS

1998-11-04T00:00:00
ID OSVDB:908
Type osvdb
Reporter OSVDB
Modified 1998-11-04T00:00:00

Description

Vulnerability Description

Certain BSD derived TCP/IP stacks contain a flaw that may allow a remote denial of service. The issue is triggered when a malicious user creates and sends a pair of malformed IP packets that are reassembled into an invalid UDP datagram. The invalid UDP datagram will cause the kernel to panic and crash, resulting in a loss of availability for the platform.

Solution Description

Upgrade BSD to version 4.0 or higher, as it has been reported to fix this vulnerability. In addition, BSDI has released a patch for some older versions.

Upgrade FreeBSD to version 3.0 or higher after the correction date, as it has been reported to fix this vulnerability. In addition, FreeBSD has released a patch for some older versions.

Upgrade OpenBSD to version 2.4 or higher after the correction date, as it has been reported to fix this vulnerability. In addition, OpenBSD has released a patch for some older versions.

Short Description

Certain BSD derived TCP/IP stacks contain a flaw that may allow a remote denial of service. The issue is triggered when a malicious user creates and sends a pair of malformed IP packets that are reassembled into an invalid UDP datagram. The invalid UDP datagram will cause the kernel to panic and crash, resulting in a loss of availability for the platform.

References:

Vendor Specific Solution URL: ftp://ftp.openbsd.org/pub/OpenBSD/patches/2.4/common/tcpfix.patch Vendor Specific Solution URL: ftp://ftp.bsdi.com/bsdi/patches/patches-3.1 Vendor Specific Solution URL: ftp://ftp.openbsd.org/pub/OpenBSD/patches/2.3/common/tcpfix.patch Vendor Specific Solution URL: ftp://ftp.freebsd.org/pub/FreeBSD/CERT/patches/CA-98-13/patch Vendor Specific News/Changelog Entry: http://www.openbsd.org/errata24.html#tcpfix Vendor Specific News/Changelog Entry: http://www.openbsd.org/errata23.html#tcpfix Vendor Specific Advisory URL ISS X-Force ID: 1389 CVE-1999-0052 Bugtraq ID: 120