|
|
|
|
| |
| IPRoute contains a vulnerability that would allow a remote attacker to launch a DoS attack against the product, thus blocking all access to and from the protected network. |
| |
Credit:
The information has been provided by Chris Gragsone.
|
| |
Affected software:
* IPRoute version 1.18
* IPRoute version 0.974
* IPRoute version 0.973
IPRoute, by David F. Mischler, is PC-based router software for networks running the Internet Protocol (IP). It can act as a dial on demand or dedicated router between a LAN and a PPP, SLIP, Ethernet, wireless IP, or cable modem link and allow transparent access from a LAN to the Internet using a single IP address through Network Address Translation (NAT). IPRoute can also act as a PPP server for dialup connections or route between LANs.
The implementation of the router in IPRoute does not correctly handle tiny fragmented packets, which split up the TCP header. If a series of tiny fragmented packets were received by IPRoute, it would cause IPRoute to fail. IPRoute could be put back into normal service by restarting the interface, but all connections during the attack would drop. It is not necessary for the attacker to establish a session through IPRoute in order to exploit this vulnerability. ZapNET! firewalls are based on IPRoute and may also be vulnerable.
The specific sequence of data packets involved with this vulnerability cannot be generated as part of a legitimate connection.
Vulnerability reproduction:
Simply run "nmap -sS -f ip-address". IPRoute will be unable to send or receive via the interface affected until it is manually restarted.
|
|
|
|
|
|
|
|
|
|
