TUCoPS :: Unix :: General
:: unix4900.htm
6th Dec 2001 [SBWID-4900]
COMMAND
IPRoute
SYSTEMS AFFECTED
IPRoute v1.18
IPRoute v0.974
IPRoute v0.973
PROBLEM
Chris Gragsone and The TechnoDragon Foot Clan reported following Denial
of Service, regarding IPRoute, by David F. Mischler, which is PC-based
router software for networks running the Internet Protocol (IP) (see
http://www.trunkmonkey.com/homenetwork/iproute/ )
The implementation of the router in IPRoute does not correctly handle
tiny fragmented packets, which split up the tcp header. If a series of
tiny fragmented packets were recieved by IPRoute, it would cause
IPRoute to fail. IPRoute could be put back into normal service by
restarting the interface, but all connections during the attack would
drop. It is not necessary for the attacker to establish a session
through IPRoute in order to exploit this vulnerability. ZapNET!
firewalls are based on IPRoute and may also be vulnerable.
The specific sequence of data packets involved with this vulnerability
cannot be generated as part of a legitimate connection.
Vulnerability Reproduction: Simply \"nmap -sS -f ip-address\". IPRoute
will be unable to send or receive via the interface affected until it
is manually restarted.
SOLUTION
Nothing yet.