Enterasys XSR-1800 Security Router Can Be Crashed By Remote Users With IP Record Route Option
SecurityTracker Alert ID: 1010641
SecurityTracker URL: http://securitytracker.com/id/1010641
CVE Reference: CAN-2004-0674
Updated: Jul 15 2004
Original Entry Date: Jul 3 2004
Impact: Denial of service via network
Exploit Included: Yes
Version(s): XSR-1800; firmware 7.0.0.0
Description:
A vulnerability was reported in the Enterasys XSR Security Router XSR-1800 series. A remote user can cause denial of service conditions.
Frederico Queiroz reported that a remote user can send a packet with the IP record route option set to cause the target device to crash.
A demonstration exploit using hping (http://www.hping.org) is provided:
hping3 -1 -G www.uol.com.br
The vendor has reportedly been notified.
Impact:
A remote user can cause the target device to crash.
Solution:
No solution was available at the time of this entry.
Vendor URL: www.enterasys.com/products/routing/XSR-18xx/
Cause:
Exception handling error
Underlying OS:
Message History:
None.
Source Message Contents
Date: Fri, 2 Jul 2004 15:00:50 -0300
Subject: Enterasys XSR Security Routers DoS
Description: Enterasys XSR Security Routers crash when passing a packet
with the option record route.
System Vulnerable: This vulnerability was found in XSR-1800 series.
(firmware 7.0.0.0)
Proof-of-concept: I've used Hping (http://www.hping.org/) to perform
this example:
hping3 -1 -G www.uol.com.br
The vendor in Brazil was informed about this.
Frederico Queiroz
Security Consultant/ISH Tecnologia
Phone: +55-27-3334-8900
E-mail: fqueiroz@ish.com.br