Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline

VIGILANTE-2000010.txt

🗓️ 13 Sep 2000 00:00:00Reported by VigilanteType 
packetstorm
 packetstorm🔗 packetstormsecurity.com👁 26 Views

Vulnerability in Intel Express Switches due to malformed ICMP packet causing CPU crashes.

Show more
Code
`Intel Express Switch series 500 DoS #2  
  
Advisory Code: VIGILANTE-2000010  
  
Release Date:  
September 6, 2000  
  
Systems Affected:  
Intel Express Switch 510T  
- Firmware version 2.63  
- Firmware version 2.64  
Intel Express Switch 520T  
- Firmware version 2.63  
- Firmware version 2.64  
Intel Express Switch 550T  
- Firmware version 2.63  
- Firmware version 2.64  
Intel Express Switch 550F  
- Firmware version 2.63  
- Firmware version 2.64  
It is likely that older firmware versions are also affected.  
  
THE PROBLEM  
By sending a malformed ICMP packet, either to the Intel Express  
Switch or a host behind it, the CPU crashes. The switch looses  
all routing functionality but continues to function as a switch,  
except for the fact that learning also crashes, so new connections  
are not "picked up". The packet can be sent from a machine  
directly connected to the switch or from a machine not directly  
connected to the switch. Since the packet does not require a reply,  
the packet can also be spoofed.  
  
A Side Note:  
During testing we also found the SNMP command that reboots the  
switch, and just as a friendly reminder, please do remember to change  
your switch's SNMP community name from the default to something a bit  
harder to guess, since the reboot command can also be spoofed.  
  
Vendor Status:  
Intel was contacted on the 3rd of September and the vulnerability was  
verified by them the following day. The fix was officially released  
on the 5th of September.  
  
Fix:  
The fix for the Intel Express Switches 510T, 520T, 550T and 550F  
is the same, and it can be found at this location:  
http://support.intel.com/support/express/switches/500/es5_266.htm  
  
  
Vendor URL: http://www.intel.com  
Product URL:  
http://www.intel.com/network/products/express_switches.htm?iid={500_switch}  
Copyright VIGILANTe 2000-09-03  
  
Disclaimer:  
The information within this document may change without notice. Use of  
this information constitutes acceptance for use in an AS IS  
condition. There are NO warranties with regard to this information.  
In no event shall the author be liable for any consequences whatsoever  
arising out of or in connection with the use or spread of this  
information. Any use of this information lays within the user's  
responsibility.  
  
Feedback:  
Please send suggestions, updates, and comments to:  
  
VIGILANTe  
mailto: [email protected]  
http://www.vigilante.com  
  
`

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo
13 Sep 2000 00:00Current
7.4High risk
Vulners AI Score7.4
intel express switchdenial of servicefirmware versionsicmp packetsnmp community namevendor fix.
26
.json
Report