Bugtraq mailing list archives
Fore/Marconi ATM Switch 'land' vulnerability
From: "Seeker of Truth" <seeker_sojourn () hotmail com>
Date: Fri, 14 Jun 2002 23:35:41 +0000
System Versions FT6.1.1 and FT7.0.1Labratory testing indicates that a single 'land' packet sent to the telnet port (23) of either the inband or out-of-band interface will cause the device to stop responding to ip traffic. Over the course of 6-1/2 minutes, all CPU will be consumed and device reboots.
Basically a packet is forged with the source and destination IP address and ports identical.
We reproduced it using Internet Security Scanner 6.01 and the 'land' and 'ciscoland' tests.
Many sources and derivatives are available on public security websites. It's a TCP/IP stack bug that's been known since 1997. Here are some links http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-1999-0016 http://www.cert.org/advisories/CA-1997-28.html http://www.securityfocus.com/frames/?content=/templates/archive.pike%3Flist%3D1%26mid%3D8081 Vendor notified one year ago today :-) -oo- seeker _________________________________________________________________ Send and receive Hotmail on your mobile device: http://mobile.msn.com
Current thread:
- Fore/Marconi ATM Switch 'land' vulnerability Seeker of Truth (Jun 15)
- Windows Buffer Overflows Brett Moore (Jun 17)
- Re: Windows Buffer Overflows dullien (Jun 17)
- Windows Buffer Overflows Brett Moore (Jun 17)