Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in

VIGILANTE-2000010.txt

🗓️ 13 Sep 2000 00:00:00Reported by VigilanteType 
packetstorm
 packetstorm🔗 packetstormsecurity.com👁 27 Views

Vulnerability in Intel Express Switches due to malformed ICMP packet causing CPU crashes.

Code
`Intel Express Switch series 500 DoS #2  
  
Advisory Code: VIGILANTE-2000010  
  
Release Date:  
September 6, 2000  
  
Systems Affected:  
Intel Express Switch 510T  
- Firmware version 2.63  
- Firmware version 2.64  
Intel Express Switch 520T  
- Firmware version 2.63  
- Firmware version 2.64  
Intel Express Switch 550T  
- Firmware version 2.63  
- Firmware version 2.64  
Intel Express Switch 550F  
- Firmware version 2.63  
- Firmware version 2.64  
It is likely that older firmware versions are also affected.  
  
THE PROBLEM  
By sending a malformed ICMP packet, either to the Intel Express  
Switch or a host behind it, the CPU crashes. The switch looses  
all routing functionality but continues to function as a switch,  
except for the fact that learning also crashes, so new connections  
are not "picked up". The packet can be sent from a machine  
directly connected to the switch or from a machine not directly  
connected to the switch. Since the packet does not require a reply,  
the packet can also be spoofed.  
  
A Side Note:  
During testing we also found the SNMP command that reboots the  
switch, and just as a friendly reminder, please do remember to change  
your switch's SNMP community name from the default to something a bit  
harder to guess, since the reboot command can also be spoofed.  
  
Vendor Status:  
Intel was contacted on the 3rd of September and the vulnerability was  
verified by them the following day. The fix was officially released  
on the 5th of September.  
  
Fix:  
The fix for the Intel Express Switches 510T, 520T, 550T and 550F  
is the same, and it can be found at this location:  
http://support.intel.com/support/express/switches/500/es5_266.htm  
  
  
Vendor URL: http://www.intel.com  
Product URL:  
http://www.intel.com/network/products/express_switches.htm?iid={500_switch}  
Copyright VIGILANTe 2000-09-03  
  
Disclaimer:  
The information within this document may change without notice. Use of  
this information constitutes acceptance for use in an AS IS  
condition. There are NO warranties with regard to this information.  
In no event shall the author be liable for any consequences whatsoever  
arising out of or in connection with the use or spread of this  
information. Any use of this information lays within the user's  
responsibility.  
  
Feedback:  
Please send suggestions, updates, and comments to:  
  
VIGILANTe  
mailto: [email protected]  
http://www.vigilante.com  
  
`

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

Book a live demo
13 Sep 2000 00:00Current
7.4High risk
Vulners AI Score7.4
intel express switchdenial of servicefirmware versionsicmp packetsnmp community namevendor fix.
27