1046 matches found
PT-2006-1579 · Cisco +1 · Cisco Pix +3
Name of the Vulnerable Software and Affected Versions: Cisco PIX/ASA versions 7.1.x before 7.12; Cisco PIX/ASA versions 7.0.x before 7.05; Cisco PIX version 6.3.x before 6.3.5112; Cisco FWSM versions 2.3.x before 2.34; Cisco FWSM versions 3.x before 3.17. Description: The issue allows remote attackers...
CVE-2006-0839
Removed by vendor...
[Full-disclosure] [thunkers.net] D-Link Fragmented UDP DoS Vulnerability
At the time of discovery the issue affected the latest D-Link firmwares. As D-Link has since released a new firmware, this is no longer the case, so... cheers... --- Aaron Portnoy --- D-Link Fragmented UDP Denial of...
Verified evasion in Snort
Dan Kaminsky gave a presentation at ShmooCon and mentioned using IP fragmentation timers to evade intrusion detection systems. It's a pretty straightforward technique and easy to code up so we decided to look and see if Snort was vulnerable...
ping of death
The machine crashed when pinged with an incorrectly fragmented packet. This is known as the SPDX-FileCopyrightText: 2003 Michel Arboi Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only...
[Full-disclosure] ICMP attacks against TCP: Conclusions
Folks, My posts to this list have tried to show how easy it is to perform ICMP attacks against TCP. The attacks are blind, so the attacker does not need to be a "man in the middle" to perform them. The typical number of packets required to perform any of these attacks is about 16000 in many cases...
CVE-2001-1465
CVE-2001-1465 affects SurfControl SuperScout. The issue is in the packet-filtering logic that only filters packets containing both an HTTP GET request and a Host header; an attacker can bypass filtering by fragmenting traffic so that no single packet contains both elements. This is a local-access...
Microsoft Windows XP - TCP Packet Fragmentation Handling Denial of Service (2)
// source: https://www.securityfocus.com/bid/11258/info Multiple vendor implementations of the TCP stack are reported prone to a remote denial-of-service vulnerability. The issue is reported to present itself due to...
Microsoft Windows XP - TCP Packet Fragmentation Handling Denial of Service (1)
// source: https://www.securityfocus.com/bid/11258/info Multiple vendor implementations of the TCP stack are reported prone to a remote denial-of-service vulnerability. The issue is reported to present itself due to...
ROSE Attack - NewDawn4
Exploit for unknown platform in category dos / poc. Implementation of Rose Attack described by Gandalf (gandalf at digital.net). Reference: Bugtraq, 30 March 2004, "IP...
ROSE Attack - Newdawn2
Exploit for unknown platform in category dos / poc. ROSE attack chuck at lemure.net Discovered by: [email protected] code modified from large IGMP attack by: Kox by Coolio [email protected] Sends out first and last ICMP packet echo...
Microsoft Windows XP - TCP Packet Fragmentation Handling Denial of Service (3)
// source: https://www.securityfocus.com/bid/11258/info Multiple vendor implementations of the TCP stack are reported prone to a remote denial-of-service vulnerability. The issue is reported to present itself due to inefficiencies present when handling fragmented TCP packets. The discoverer of th...
Microsoft Windows XP - TCP Packet Fragmentation Handling Denial of Service (2)
// source: https://www.securityfocus.com/bid/11258/info Multiple vendor implementations of the TCP stack are reported prone to a remote denial-of-service vulnerability. The issue is reported to present itself due to inefficiencies present when handling fragmented TCP packets. The discoverer of th...
ROSE Attack - NewDawn3
Exploit for unknown platform in category dos / poc. Implementation of Rose Attack described by Gandalf (gandalf at digital.net). Reference: Bugtraq, 30 March 2004, "IP...
Microsoft Windows XP - TCP Packet Fragmentation Handling Denial of Service (3)
// source: https://www.securityfocus.com/bid/11258/info Multiple vendor implementations of the TCP stack are reported prone to a remote denial-of-service vulnerability. The issue is reported to present itself due to...
RoseAttackv2.txt
ROSE attack variation 2 chuck at lemure.net Discovered by: gandalf at digital.net code modified from large IGMP attack by: Kox by Coolio coolio at k-r4d.com Sends out small IP fragments totalling up to a large ICMP packet. Then repeatedly sends last IP Fragment forcing reassembly code to traver...
RoseAttackv1.txt
Implementation of Rose Attack described by Gandalf. Reference: Bugtraq, 30 March 2004, "IPv4 fragmentation, The Rose Attack" Written by Laurent Constantin Library netwib must be installed:...
3Com SuperStack 3 Firewall - Content Filter Bypassing
source: https://www.securityfocus.com/bid/7021/info A vulnerability has been reported in the 3Com Superstack 3 Firewall. HTTP content filters put in place by the device fail to assemble fragmented data, potentially allowing an attacker to acce...
CVE-2002-2234
NetScreen ScreenOS before 4.0.1 allows remote attackers to bypass the Malicious-URL blocking feature by splitting the URL into fragmented IP requests...
'Malicious-URL' Feature may be Circumvented Using IP Fragmentation
Title: NetScreen Security Alert 51929 Date: 25 November 2002 Impact: 'Malicious-URL' Feature may be Circumvented Using IP Fragmentation Affected Products: All firewall/VPN appliances and systems Affected Software Releases: ScreenOS 2.7.1, 2.8, 3.0, 3.1, 4.0 Max Risk: Low Summary: In response to t...