Bugtraq: DoS: ANS Interlock Firewall

DoS: ANS Interlock Firewall

From: Chris A. Henesy <lurker_at_CC.GATECH.EDU>
Date: Thu, 9 Jul 1998 15:51:14 -0400

        This may be repeated information but a quick search of the
archives didn't turn anything up, so here goes...

        There is a problem in the TCP/IP stack of ANS's Interlock Internet
Firewall product. Sending the correct series of packet fragments will
cause the machine to reboot. Below is part of a problem description
provided by ANS. A patch is available.

>The 1st fragment contains all (or most) of the packet's payload and it
>incorrectly indicates that no other fragments are coming (the IP
>more fragment field is not set). The next fragment is sent with a
>zero length and uses the same packet identifier (indicating it's
>another part of the earlier packet). This packet also does not
>indicate that more fragments are coming. The result is a zero length
>fragment arrives at the InterLock and gets processed by the Solaris
>fragment handling code. Unfortunately, the Solaris fragment timeout
>handling code (which gets involved 60 seconds later) doesn't properly
>handle the zero length fragment and it panics the box during cleanup.

        -The Lurker
Received on Jul 09 1998
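
A detection sketch for the fragment sequence in the quoted ANS description, added here as an example and not part of the original post or any vendor code. It flags a zero-length IPv4 packet with the more-fragments bit clear that reuses the (source, destination, protocol, ID) of an earlier packet that also had the bit clear; the function names, addresses and sample packets are constructed for illustration.

```python
import struct
from ipaddress import IPv4Address

def parse_ipv4(pkt: bytes) -> dict:
    """Extract the reassembly-relevant fields from a raw IPv4 packet."""
    if len(pkt) < 20 or pkt[0] >> 4 != 4:
        raise ValueError("not an IPv4 packet")
    ihl = (pkt[0] & 0x0F) * 4
    total_len, ident, flags_off = struct.unpack("!HHH", pkt[2:8])
    if ihl < 20 or total_len < ihl:
        raise ValueError("inconsistent header or total length")
    return {
        # Reassembly key: source, destination, protocol, IP identification
        "key": (IPv4Address(pkt[12:16]), IPv4Address(pkt[16:20]), pkt[9], ident),
        "more_fragments": bool(flags_off & 0x2000),
        "offset": (flags_off & 0x1FFF) * 8,
        "payload_len": total_len - ihl,
    }

def find_suspect_fragments(packets) -> list:
    """Return indexes of zero-length packets with MF clear that reuse the key
    of an earlier packet which also had MF clear (the sequence quoted above)."""
    finished = set()  # keys already seen with MF clear; a sensor would age these out
    hits = []
    for i, raw in enumerate(packets):
        try:
            f = parse_ipv4(raw)
        except ValueError:
            continue  # skip non-IPv4 or truncated captures
        if f["more_fragments"]:
            continue
        if f["payload_len"] == 0 and f["key"] in finished:
            hits.append(i)
        finished.add(f["key"])
    return hits

def sample_packet(ident, flags_off, payload=b""):
    """Constructed IPv4 header (protocol 17) for the demo; checksum left at 0."""
    return struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(payload), ident,
                       flags_off, 64, 17, 0, IPv4Address("192.0.2.10").packed,
                       IPv4Address("192.0.2.20").packed) + payload

SAMPLE = [  # constructed capture, documentation addresses only
    sample_packet(0x1234, 0x0000, b"A" * 32),  # full payload, MF clear
    sample_packet(0x1234, 0x0004),             # same ID, zero length, MF clear
    sample_packet(0x3333, 0x2000, b"B" * 16),  # ordinary first fragment, MF set
    sample_packet(0x3333, 0x0002, b"C" * 8),   # ordinary last fragment
    sample_packet(0x4444, 0x0000),             # empty packet, ID not seen before
]
```

Calling `find_suspect_fragments(SAMPLE)` reports only the second packet; the ordinary two-fragment datagram and the lone empty packet are not flagged.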
