Full Disclosure mailing list archives
Re: Should nmap cause a DoS on cisco routers?
From: AMILABS <amilabs () optonline net>
Date: Thu, 01 Jul 2010 18:21:27 -0400
Sounds like a typical FSM type bug that can be exploited. I worked on one back in 03. http://amilabs.com/Cisco%20Vulnerability%20in%20Check.htm -----Original Message----- From: full-disclosure-bounces () lists grok org uk [mailto:full-disclosure-bounces () lists grok org uk] On Behalf Of Florian Weimer Sent: Thursday, July 01, 2010 12:13 PM To: Dobbins, Roland Cc: full-disclosure () lists grok org uk Subject: Re: [Full-disclosure] Should nmap cause a DoS on cisco routers? * Roland Dobbins:
On Jul 1, 2010, at 5:23 PM, Thierry Zoller wrote:If a device crashes when being scanned - it's a vulnerability.It sounds to me as if what happened was that he ended up driving the CPUs of the devices in question to 100%, and they stopped handling control-plane traffic and fell over. There are infrastructure self-protection best current practices (BCPs) which can be deployed to defend against infrastructure-targeted DoS.
Not necessarily. Fingerprinting is known to crash tons of devices. And it's certainly a bug worth fixing. Many shops write their own scripts to gather statistics from networking devices, and it's really annoying when those scripts bring down devices (be it due to brittle protocol parsers, or memory leaks in the server code). -- Florian Weimer <fweimer () bfk de> BFK edv-consulting GmbH http://www.bfk.de/ Kriegsstraße 100 tel: +49-721-96201-1 D-76133 Karlsruhe fax: +49-721-96201-99 _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- Re: Should nmap cause a DoS on cisco routers? Thierry Zoller (Jul 01)
- Re: Should nmap cause a DoS on cisco routers? Dobbins, Roland (Jul 01)
- Re: Should nmap cause a DoS on cisco routers? Thierry Zoller (Jul 01)
- Re: Should nmap cause a DoS on cisco routers? Dobbins, Roland (Jul 01)
- Re: Should nmap cause a DoS on cisco routers? Florian Weimer (Jul 01)
- Re: Should nmap cause a DoS on cisco routers? AMILABS (Jul 01)
- Re: Should nmap cause a DoS on cisco routers? Dobbins, Roland (Jul 01)
- Re: Should nmap cause a DoS on cisco routers? Dan Kaminsky (Jul 01)
- Re: Should nmap cause a DoS on cisco routers? Dobbins, Roland (Jul 01)
- Re: Should nmap cause a DoS on cisco routers? Lee (Jul 01)
- Re: Should nmap cause a DoS on cisco routers? Dobbins, Roland (Jul 01)
- Re: Should nmap cause a DoS on cisco routers? Dan Kaminsky (Jul 01)
- Re: Should nmap cause a DoS on cisco routers? AMILABS (Jul 02)
- Re: Should nmap cause a DoS on cisco routers? Thierry Zoller (Jul 01)
- Re: Should nmap cause a DoS on cisco routers? Thierry Zoller (Jul 02)
- Re: Should nmap cause a DoS on cisco routers? Dobbins, Roland (Jul 02)
- Re: Should nmap cause a DoS on cisco routers? Thierry Zoller (Jul 02)
- Re: Should nmap cause a DoS on cisco routers? Dobbins, Roland (Jul 01)