SUSE CVE-2004-1060

Multiple TCP/IP and ICMP implementations, when using Path MTU PMTU discovery PMTUD, allow remote attackers to cause a denial of service network throughput reduction for TCP connections via forged ICMP "Fragmentation Needed and Don't Fragment was Set" packets with a low next-hop MTU value, aka the...

The vulnerabilities of BIG-IP Advanced Firewall Manager, BIG-IP Application Acceleration Manager for application delivery, BIG-IP Access Policy Manager for access control and remote authentication, BIG-IP Application Security Manager for application protection, BIG-IP Analytics for infrastructure status analysis, BIG-IP Policy Enforcement Manager for network traffic control and management, BIG-IP Link Controller for internet traffic balancing, and BIG-IP Local Traffic Manager for local traffic balancing – allow attackers to trigger service interruptions.

The vulnerability of BIG-IP Advanced Firewall Manager, BIG-IP Application Acceleration Manager for application delivery, BIG-IP Access Policy Manager for access control and remote authentication, BIG-IP Application Security Manager for application protection, BIG-IP Analytics for infrastructure...

DoS против систем с включенным PMTU discovery

Можно прекратить связь между жвумя системами за счет установки некорректного MTU, спровоцировав между системами пакет с известным содержимым например ICMP echo-reply...