ID

VAR-200311-0077

CVE

CVE-2003-0804

TITLE

BSD Kernel ARP Buffer flooded remote denial of service vulnerability

DESCRIPTION

The arplookup function in FreeBSD 5.1 and earlier, Mac OS X before 10.2.8, and possibly other BSD-based systems, allows remote attackers on a local subnet to cause a denial of service (resource starvation and panic) via a flood of spoofed ARP requests. A vulnerability has been discovered in the BSD kernel. The problem occurs in the storage of ARP cache entries when handling ARP requests. As a result of this issue, an attacker capable of transmitted a large volume of spoofed ARP requests to a target system may be capable of triggering a system panic. This would effectively deny services to other legitimate users until the system is manually rebooted. The issue is reported to exist in FreeBSD, IRIX and MacOS X. Other systems, which use a BSD-derived kernel, may also be prone to the issue. Address Resolution Protocol (ARP) is a protocol for mapping IP addresses to MAC addresses. Through forged ARP requests, remote attackers can carry out denial of service attacks on the system, causing the system to crash. Under some conditions, an attacker can perform a flood attack through forged ARP requests, which can cause resource exhaustion. Since the arplookup() function does not delete unnecessary ARP buffer entries, it will consume a large amount of resources and crash the system, resulting in denial of service. The attacker must hang or crash the target machine in the local network segment, and the network using ARP proxy can also cause the machine in the network segment to be attacked

AFFECTED PRODUCTS

CVSS

PROBLEMTYPE DATA

THREAT TYPE

remote

TYPE

other

EXTERNAL IDS

REFERENCES

CREDITS

Apple

SOURCES

LAST UPDATE DATE

2024-08-14T14:08:59.704000+00:00

SOURCES UPDATE DATE

SOURCES RELEASE DATE