|
|
| |
| When an ASX switch receives a crafted packet with certain attributes in the packet, the ASX switch Telnetd and/or HTTPd will enter into a close wait state and refuse telnet and web interface management connections until the switch is reloaded. Which service will enter into the close wait state depends on which service was targeted. If both telnet and web are targeted, the switch will become unresponsive to all remote management. The switch will need to be physically power cycled to allow for management. Note that the attack does not hinder the switches ability to operate - it only refuses connections for remote management. |
| |
Credit:
The information has been provided by Keith Pachulski, PenTeleData Network Security Team.
|
| |
Vulnerable systems:
ASX-1000 switches running ForeThought version 6.2 software
A combination of SYN-FIN and More Fragments will cause the remote management service to enter into a close_wait state until the switch is power cycled.
Workaround:
Filter all traffic destined to the switches for remote management. There is no vendor supplied patch or code upgrade as of this writing for the Denial of Service condition. The vendor has been notified and is aware of this condition in the device.
|
|
|
