ID

VAR-199907-0022


CVE

CVE-1999-0683


TITLE

Gauntlet Firewall Decline service vulnerability

Trust: 0.6

sources: CNNVD: CNNVD-199907-039

DESCRIPTION

Denial of service in Gauntlet Firewall via a malformed ICMP packet. The vulnerability occurs because Gauntlet Firewall cannot handle a condition where an ICMP Protocol Problem packet's (ICMP_PARAMPROB) encapsulated IP packet has a random protocol field and certain IP options set. The packet structure looks like this: Begin Packet ------------------------------------------ [NORMAL IP HEADER] [ICMP PARAMPROB HEADER] -- encapsulated ip packet -- [IP HEADER] (important fields in ip header) ip_p = 98 (let's specify a protocol that doesn't exist) ip_hl = 0xf (stuff options) ------------------------------------------ End Packet An attacker would do the following: Construct the [ip-icmp-ip] packet using a raw socket (SOCK_RAW) with the fields set accordingly, destination set to any machine behind the firewall. Send the packet(s). The number of packets that need to be sent depends on the platform (ie Sol on a Sparc vs BSDI). The consequence of this vulnerability being exploited is the target Gauntlet 5.0 firewall being remotely locked up. It should be expected that an attacker would send packets with spoofed source addresses in the ip header making it difficult to trace

Trust: 1.26

sources: NVD: CVE-1999-0683 // BID: 556 // VULHUB: VHN-665

AFFECTED PRODUCTS

vendor:network associatesmodel:gauntlet firewallscope:eqversion:5.0

Trust: 1.6

vendor:networkmodel:associates gauntlet firewallscope:eqversion:5.0

Trust: 0.3

vendor:networkmodel:associates gauntlet firewallscope:neversion:5.5

Trust: 0.3

sources: BID: 556 // CNNVD: CNNVD-199907-039 // NVD: CVE-1999-0683

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-1999-0683
value: MEDIUM

Trust: 1.0

CNNVD: CNNVD-199907-039
value: MEDIUM

Trust: 0.6

VULHUB: VHN-665
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-1999-0683
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:N/I:N/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.0

VULHUB: VHN-665
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:N/I:N/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

sources: VULHUB: VHN-665 // CNNVD: CNNVD-199907-039 // NVD: CVE-1999-0683

PROBLEMTYPE DATA

problemtype:NVD-CWE-Other

Trust: 1.0

sources: NVD: CVE-1999-0683

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-199907-039

TYPE

unknown

Trust: 0.6

sources: CNNVD: CNNVD-199907-039

EXPLOIT AVAILABILITY

sources: VULHUB: VHN-665

EXTERNAL IDS

db:BIDid:556

Trust: 2.0

db:NVDid:CVE-1999-0683

Trust: 1.7

db:OSVDBid:1029

Trust: 1.7

db:CNNVDid:CNNVD-199907-039

Trust: 0.7

db:EXPLOIT-DBid:19441

Trust: 0.1

db:VULHUBid:VHN-665

Trust: 0.1

sources: VULHUB: VHN-665 // BID: 556 // CNNVD: CNNVD-199907-039 // NVD: CVE-1999-0683

REFERENCES

url:http://www.securityfocus.com/bid/556

Trust: 2.7

url:http://www.osvdb.org/1029

Trust: 2.7

url: -

Trust: 0.1

sources: VULHUB: VHN-665 // CNNVD: CNNVD-199907-039 // NVD: CVE-1999-0683

CREDITS

First posted to BugTraq by Mike Frantzen <frantzen@expert.cc.purdue.edu> on July 30, 1999.

Trust: 0.3

sources: BID: 556

SOURCES

db:VULHUBid:VHN-665
db:BIDid:556
db:CNNVDid:CNNVD-199907-039
db:NVDid:CVE-1999-0683

LAST UPDATE DATE

2024-11-22T23:00:48.014000+00:00


SOURCES UPDATE DATE

db:VULHUBid:VHN-665date:2008-09-09T00:00:00
db:BIDid:556date:1999-07-30T00:00:00
db:CNNVDid:CNNVD-199907-039date:2005-05-02T00:00:00
db:NVDid:CVE-1999-0683date:2024-11-20T23:29:13.477

SOURCES RELEASE DATE

db:VULHUBid:VHN-665date:1999-07-30T00:00:00
db:BIDid:556date:1999-07-30T00:00:00
db:CNNVDid:CNNVD-199907-039date:1999-07-30T00:00:00
db:NVDid:CVE-1999-0683date:1999-07-30T04:00:00