ID
VAR-199808-0020
TITLE
Cisco PIX and CBAC Fragmentation Attack
Trust: 0.3
DESCRIPTION
Both the Cisco PIX Firewall software and the Context-based Access Control (CBAC) feature of Cisco's IOS Firewall Feature Set fail to properly check non-initial fragmented IP packets. Although the non-initial fragmented IP packets might belong to a session which would normally be blocked, they are forwarded to the destination host. This may lead to a denial-of-service (DoS) attack due to the exhaustion of resources required to keep track of the fragmented IP packets. The problem can be fixed by keeping track of the sessions that fragmented IP packets belong to and by blocking non-initial fragmented IP packets for which no initial packet has been seen. The DoS attack can easily be carried out with publicly available tools.
Trust: 0.3
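The fix described above, sketched as an added example (not Cisco's code and not part of the original record): a filter that records each permitted initial fragment and drops non-initial fragments with no matching entry. The packet dict layout, the policy callable, the 30-second lifetime and the table cap are assumptions made for illustration.

```python
from collections import OrderedDict

class FragmentGate:
    """Forward a non-initial fragment only after its initial fragment passed policy."""

    def __init__(self, policy, ttl=30.0, max_flows=4096):
        self.policy = policy        # callable(src, dst, proto, dport) -> bool
        self.ttl = ttl              # seconds an entry stays valid (assumed value)
        self.max_flows = max_flows  # hard cap so the tracker cannot be exhausted itself
        self.seen = OrderedDict()   # (src, dst, proto, ip_id) -> expiry time

    def _expire(self, now):
        # Entries are kept oldest-first, so stop at the first one still valid.
        while self.seen and next(iter(self.seen.values())) <= now:
            self.seen.popitem(last=False)

    def check(self, pkt, now):
        """Return 'forward' or 'drop' for one packet given as a dict."""
        self._expire(now)
        key = (pkt["src"], pkt["dst"], pkt["proto"], pkt["id"])
        if pkt["offset"] == 0:
            # Initial fragment or whole packet: the L4 header is present.
            if not self.policy(pkt["src"], pkt["dst"], pkt["proto"], pkt["dport"]):
                return "drop"
            if pkt["mf"]:  # more fragments will follow: remember this datagram
                if key not in self.seen and len(self.seen) >= self.max_flows:
                    return "drop"  # table full: fail closed
                self.seen[key] = now + self.ttl
                self.seen.move_to_end(key)
            return "forward"
        # Non-initial fragment: no L4 header, so the verdict comes from state alone.
        return "forward" if key in self.seen else "drop"


def demo():
    allow_web = lambda src, dst, proto, dport: proto == 6 and dport == 80
    gate = FragmentGate(allow_web, ttl=30.0)
    base = {"src": "192.0.2.10", "dst": "198.51.100.5", "proto": 6}
    # Constructed packets: (time, ip_id, offset in 8-byte units, MF flag, dport)
    trace = [
        (0, 7, 185, False, None),    # non-initial fragment, no initial seen
        (1, 8, 0, True, 80),         # initial fragment of a permitted session
        (2, 8, 185, False, None),    # its continuation
        (3, 9, 0, True, 23),         # initial fragment of a blocked session
        (4, 9, 185, False, None),    # continuation of the blocked session
        (100, 8, 185, False, None),  # late fragment after the entry expired
    ]
    return [gate.check({**base, "id": i, "offset": o, "mf": m, "dport": d}, t)
            for t, i, o, m, d in trace]
```

This strict form also drops fragments that arrive ahead of their initial fragment, so reordered traffic depends on retransmission.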
AFFECTED PRODUCTS
vendor: | cisco | model: | pix firewall | scope: | eq | version: | 4.2.1 | Trust: 0.3 |
vendor: | cisco | model: | ios 12.0t | scope: | - | version: | - | Trust: 0.3 |
vendor: | cisco | model: | ios | scope: | eq | version: | 12.0 | Trust: 0.3 |
vendor: | cisco | model: | ios 11.3t | scope: | - | version: | - | Trust: 0.3 |
vendor: | cisco | model: | ios 11.2p | scope: | - | version: | - | Trust: 0.3 |
THREAT TYPE
network
Trust: 0.3
TYPE
Serialization Error
Trust: 0.3
EXTERNAL IDS
db: | BID | id: | 690 | Trust: 0.3 |
REFERENCES
url: | http://www.cisco.com/warp/public/707/sec_incident_response.shtml | Trust: 0.3 |
CREDITS
This vulnerability was discovered by Robert Ståhlbrand <robert@nmac.ericsson.se> and reported to BugTraq on 18 August 1998.
Trust: 0.3
SOURCES
db: | BID | id: | 690 |
LAST UPDATE DATE
2022-05-17T02:03:06.105000+00:00
SOURCES UPDATE DATE
db: | BID | id: | 690 | date: | 1998-08-18T00:00:00 |
SOURCES RELEASE DATE
db: | BID | id: | 690 | date: | 1998-08-18T00:00:00 |