cabletron.ssr.dos.txt

25 Nov 1999 | Reported by bindview.com | Type: packetstorm | Source: packetstormsecurity.com

Denial of Service vulnerability in Cabletron SmartSwitch Router 8000 firmware 2.x affecting traffic handling.

Code
`Bindview Security Advisory  
--------  
  
Cabletron SmartSwitch Router 8000 Firmware v2.x  
Issue date: November 24, 1999  
Contact: Scott Blake <[email protected]>  
  
Topic:  
Denial of Service Vulnerability in Cabletron's SmartSwitch Router (SSR)  
  
Overview:  
Cabletron's SSR is a Layers 2-4 routing and switching device with one of  
the fastest switching architectures in the industry. Attackers can cause  
the SSR to stop handling any network traffic.  
  
Affected Systems:  
Bindview only confirms the vulnerability in the SSR 8000 running firmware  
revision 2.x. Due to the nature of the problem, other equipment may  
be vulnerable, including other manufacturers' products.  
  
Impact:  
A malicious attacker can cause the SSR to stop functioning for as long  
as the attacker can continue feeding packets to the device.  
  
Details:  
Cabletron indicates that the bottleneck appears to occur in the ARP handling  
mechanism of the SSR. The SSR appears to only be capable of handling ~200  
ARP requests per second. Thus, by initiating network traffic to more than  
this critical number of IP addresses, an attacker can cause the router to  
stop functioning while the ARP handler is flooded. In extreme cases, with  
input rates only available on the local network, it may be possible to  
corrupt the SSR's configuration with a sustained flood of new IP addresses.  
  
The danger in this problem arises from the fact that many perimeter defenses  
(firewalls) permit ICMP through, which means that remote, anonymous  
attackers may be able to crash the SSR.  
  
  
  
Fix Information:  
  
Upgrade your SSR firmware to version 3.x:  
http://www.cabletron.com/download/download.cgi?lib=ssr  
  
`
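
A detection sketch for the condition in the Details section, added here as an example and not part of the Bindview advisory: it reads `tcpdump -n` text output captured on a segment attached to the router and flags any sender that issues ARP requests for more than the advisory's ~200 distinct targets within one second. The function names, the one-second sliding window and the sample capture are assumptions constructed for illustration.

```python
import re
from collections import Counter, defaultdict, deque

ARP_LIMIT_PER_SEC = 200  # approximate ARP handling ceiling quoted in the advisory

# One ARP request as printed by `tcpdump -n` (HH:MM:SS.micro timestamps).
ARP_RE = re.compile(
    r"^(\d\d):(\d\d):(\d\d)\.(\d+) ARP, Request who-has (\S+)(?: \(\S+\))? tell (\S+?),"
)

def parse(line):
    """Return (seconds_since_midnight, sender, target), or None if not an ARP request."""
    m = ARP_RE.match(line)
    if not m:
        return None
    h, mi, s, frac, target, sender = m.groups()
    return int(h) * 3600 + int(mi) * 60 + int(s) + float("0." + frac), sender, target

def find_arp_floods(lines, limit=ARP_LIMIT_PER_SEC, window=1.0):
    """Return {sender: peak} for senders that requested more than `limit`
    distinct targets inside any sliding `window` seconds (time-ordered input)."""
    recent = defaultdict(deque)     # sender -> (time, target) pairs still in the window
    targets = defaultdict(Counter)  # sender -> request count per target in the window
    peaks = {}
    for rec in filter(None, map(parse, lines)):
        t, sender, target = rec
        q, seen = recent[sender], targets[sender]
        q.append((t, target))
        seen[target] += 1
        while t - q[0][0] >= window:      # expire entries older than the window
            _, old = q.popleft()
            seen[old] -= 1
            if seen[old] == 0:
                del seen[old]
        if len(seen) > limit:
            peaks[sender] = max(peaks.get(sender, 0), len(seen))
    return peaks

def sample_capture():
    """Constructed capture: 10.0.0.1 asks for 300 new hosts in 0.9 s; 10.0.0.50 is normal."""
    lines = ["12:00:00.%06d ARP, Request who-has 10.0.%d.%d tell 10.0.0.1, length 28"
             % (i * 3000, 1 + i // 250, 2 + i % 250) for i in range(300)]
    lines += ["12:00:0%d.000000 ARP, Request who-has 10.0.0.1 tell 10.0.0.50, length 28" % d
              for d in range(3)]
    lines.append("12:00:03.000000 IP 10.0.0.50 > 10.0.0.1: ICMP echo request, id 1, seq 1, length 64")
    return lines

if __name__ == "__main__":
    for sender, peak in find_arp_floods(sample_capture()).items():
        print(f"{sender}: {peak} distinct ARP targets in 1s (limit {ARP_LIMIT_PER_SEC})")
```

Counting distinct targets rather than raw requests keeps ordinary retries for a single unanswered address from tripping the alert.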
