SecurityTracker.com
Category:  Device (Router/Bridge/Hub)  >  Inkra Switch
Vendors:  Inkra Networks Corporation
Inkra Switch Error in Processing IP Options May Let Remote Users Crash the System
SecurityTracker Alert ID:  1011275
SecurityTracker URL:  http://securitytracker.com/id?1011275
CVE Reference:  GENERIC-MAP-NOMATCH
Date:  Sep 15 2004
Impact:  Denial of service via network
Version(s): Model 1504GX; Firmware 2.1.4.b003
Description:  A denial of service vulnerability was reported in the Inkra 1504GX switch. A remote user can cause the switch to crash in certain configurations.

Felix Zhou reported that a remote user can send packets with specially crafted IP options to cause the target device to crash.

The following conditions must be met for the exploit to be successful:

- The Router Virtual Service Module (VSM) is selected in an activated virtual rack.
- There are no VSMs between the router VSM and the VP.
- The VP is connected to the IO slot directly.

Impact:  A remote user can cause the switch to crash in certain configurations.
Solution:  No solution was available at the time of this entry.
Vendor URL:  www.inkra.com/products/inkra1500.html
Cause:  Exception handling error
Reported By:  felix zhou <felix__zhou@hotmail.com>
Message History:   None.


 Source Message Contents

Date:  14 Sep 2004 03:11:38 -0000
From:  felix zhou <felix__zhou@hotmail.com>
Subject:  Inkra 1504GX DoS vulnerability in conducting IP protocol

Inkra 1504GX DoS vulnerability in conducting IP protocol

Author:  Felix Zhou (felix__zhou@hotmail.com)
         Song Liu (songsong@shaw.ca)

Release date: 2004-08-25

Affected system:

  Inkra 1504GX with router VSM release 2.1.4.b003 (didn't test other products of Inkra).

Detail:

Inkra 1504GX's router VSM (release 2.1.4.b003) does not conduct IP options properly, and hackers can construct some kind of packet to make it crash down. Fortunately, such a situation happens only under the following prerequisites:

1. Router VSM is selected in an activated VR.
2. Between the Router VSM and the VP, no other VSMs exist.
3. The VP is connected to the IO slot directly.

To make the SPM crash down, you have to send the malformed packet at least 3 times, which is uncertain for you to perform. An interval of several seconds is necessary between the attacks.

--------------- a packet example ---------------------------
xx xx xx xx xx xx (DMAC) xx xx xx xx xx xx (SMAC) 08 00
4e cc 00 58 15 24 00 00 56 01 xx xx (ip-csum)
xx xx xx xx (SIP) xx xx xx xx (DIP)
eb 21 ad a6 eb e1 35 9b ce dd a7 11 ea 5d c5 96
af 47 c1 50 f1 d1 5c 4b 18 9a c1 8a 13 6b 48 5e
74 83 c6 06 aa 9a 5e c2 a6 75 38 44 f8 43 d7 3f
ae a1 e0 c6 e3 7c 4b 59 7a 95 1e 70 cc 04 1b 2a
d1 6e 38 83
-----------------------------------------------------------------
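
With no fix available, a structural check of the IPv4 option area on an upstream filter is the kind of control a defender would reach for. The following is an added example, not part of the advisory or the original message and not vendor code: it walks the type/length chain of the options and reports the first entry that does not fit. The elided fields (xx) in the sample header are filled with constructed placeholders, and the advisory does not state which field triggers the crash, so the finding is only what a generic well-formedness check reports.

```python
# Fixed 20-byte IPv4 header from the advisory's example. The elided fields are
# constructed placeholders: checksum 0, addresses from 192.0.2.0/24 (TEST-NET-1).
FIXED = bytes.fromhex("4ecc0058152400005601" "0000" "c0000201" "c0000202")
# First byte 0x4e means IHL=14, so the next 36 bytes of the example are options.
OPTIONS = bytes.fromhex("eb21ada6ebe1359b" "cedda711ea5dc596" "af47c150f1d15c4b"
                        "189ac18a136b485e" "7483c606")
ADVISORY_HEADER = FIXED + OPTIONS
# Constructed well-formed header: IHL=7, Record Route (type 7, len 7) then EOL.
CLEAN_HEADER = b"\x47" + FIXED[1:] + bytes.fromhex("0707040000000000")


def check_ipv4_options(pkt):
    """Return a list of structural problems in the IPv4 options (empty = clean)."""
    if len(pkt) < 20:
        return ["truncated: shorter than the fixed 20-byte header"]
    version, ihl = pkt[0] >> 4, pkt[0] & 0x0F
    if version != 4:
        return [f"not IPv4 (version {version})"]
    hdr_len = ihl * 4
    if ihl < 5 or hdr_len > len(pkt):
        return [f"bad IHL {ihl}: header length {hdr_len} outside packet"]
    problems, opts, i = [], pkt[20:hdr_len], 0
    while i < len(opts):
        kind = opts[i]
        if kind == 0:            # End of Option List: stop parsing
            break
        if kind == 1:            # No-Operation: single byte, no length field
            i += 1
            continue
        if i + 1 >= len(opts):   # every other option needs a length byte
            problems.append(f"option 0x{kind:02x} at offset {i}: no length byte")
            break
        length = opts[i + 1]     # length counts the type and length bytes too
        if length < 2 or i + length > len(opts):
            problems.append(f"option 0x{kind:02x} at offset {i}: length {length} "
                            f"outside the {len(opts)}-byte option area")
            break
        i += length
    return problems


if __name__ == "__main__":
    for name, hdr in (("advisory", ADVISORY_HEADER), ("clean", CLEAN_HEADER)):
        print(name, check_ipv4_options(hdr) or "ok")
```

A filter built on this check would drop any packet for which the list is non-empty before it reaches the router VSM.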



Copyright 2004, SecurityGlobal.net LLC