HP-UX ICMP PMTUD Remote Denial Of Service Vulnerability
BID:13367
Info
HP-UX ICMP PMTUD Remote Denial Of Service Vulnerability
| Bugtraq ID: | 13367 |
| Class: | Failure to Handle Exceptional Conditions |
| CVE: |
CVE-2005-1192 |
| Remote: | Yes |
| Local: | No |
| Published: | Apr 25 2005 12:00AM |
| Updated: | Nov 15 2007 12:37AM |
| Credit: | This issue was discovered by Fernando Gont. |
| Vulnerable: |
HP HP-UX B.11.23 HP HP-UX B.11.22 HP HP-UX B.11.11 HP HP-UX B.11.04 HP HP-UX B.11.00 Avaya Predictive Dialing System (PDS) 12.0 |
| Not Vulnerable: | |
Discussion
HP-UX ICMP PMTUD Remote Denial Of Service Vulnerability
Path MTU Discovery (PMTUD) functionality is supported within the ICMP protocol.
An attack against ICMP PMTUD is reported to affect HP-UX IPV4-based platforms. By sending a suitable forged ICMP message to a target host (Type 3, code 4 Fragmentation needed and DF bit set for IPV4 networks), an attacker may reduce the MTU for a given connection.
A remote attacker may exploit this issue to degrade the performance of TCP connections and partially deny service for legitimate users.
Path MTU Discovery (PMTUD) functionality is supported within the ICMP protocol.
An attack against ICMP PMTUD is reported to affect HP-UX IPV4-based platforms. By sending a suitable forged ICMP message to a target host (Type 3, code 4 Fragmentation needed and DF bit set for IPV4 networks), an attacker may reduce the MTU for a given connection.
A remote attacker may exploit this issue to degrade the performance of TCP connections and partially deny service for legitimate users.
Exploit / POC
HP-UX ICMP PMTUD Remote Denial Of Service Vulnerability
Currently we are not aware of any exploits for this issue. If you feel we are in error or if you are aware of more recent information, please mail us at: mailto:[email protected].
Currently we are not aware of any exploits for this issue. If you feel we are in error or if you are aware of more recent information, please mail us at: mailto:[email protected].
Solution / Fix
HP-UX ICMP PMTUD Remote Denial Of Service Vulnerability
Solution:
Please see the references for more information.
HP HP-UX B.11.23
HP HP-UX B.11.11
Solution:
Please see the references for more information.
HP HP-UX B.11.23
-
HP PHNE_32606
http://itrc.hp.com/
HP HP-UX B.11.11
-
HP PHNE_33159
http://itrc.hp.com/
References
HP-UX ICMP PMTUD Remote Denial Of Service Vulnerability
References:
References:
- ASA-2005-160 - Update to Hewlett-Packard Security Advisories - (HPSBUX01137) (Avaya)
- [security bulletin] SSRT5954 rev.0 HP-UX TCP/IP Remote Denial of Service (DoS) ("Boren, Rich \(SSRT\)"
- HPSBUX01137 SSRT5954 rev.11 - HP-UX Running TCP/IP (IPv4), Remote Denial of Serv (HP)
- Vulnerability Note VU#972686 HP-UX ICMP vulnerable to DoS via ICMP Path Maximum (US-CERT)