OpenServer 6.0.0 : TCP Remote ICMP Denial Of Service Vulnerabilities

QQ空间 新浪微博 微信 QQ facebook twitter
漏洞ID 1053321 漏洞类型
发布时间 2005-09-24 更新时间 2005-09-24
CVE编号 CVE-2004-0790
CVE-2004-0791
CVE-2004-1060
CNNVD-ID N/A
漏洞平台 N/A CVSS评分 N/A
|漏洞来源
https://cxsecurity.com/issue/WLB-2005090016
|漏洞详情
漏洞细节尚未披露
|漏洞EXP
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

________________________________________________________________________
______

SCO Security Advisory

Subject:		OpenServer 6.0.0 : TCP Remote ICMP Denial Of Service Vulnerabilities
Advisory number: 	SCOSA-2005.38
Issue date: 		2005 September 22
Cross reference:	sr894918 fz530661 erg712928 CAN-2004-0790 CAN-2004-0791 CAN-2004-1060
________________________________________________________________________
______

1. Problem Description

The Internet Control Message Protocol is used to alert
	hosts on a network about certain situations, and the hosts
	then take automatic action to prevent network failures or
	to improve transport efficiency. The RFC recommends no
	security checking for in-bound ICMP messages, so long as
	a related connection exists, and may potentially allow
	several different Denials of Service. The following
	individual attacks are reported: A blind connection-reset
	attack is reported, which takes advantage of the specification
	that describes that on receiving a 'hard' ICMP error, the
	corresponding connection should be aborted. A remote
	attacker may terminate target TCP connections and deny
	service for legitimate users. 
	 
	The Common Vulnerabilities and Exposures project (cve.mitre.org) 
	has assigned the name CAN-2004-0790 to this issue. 
	
	An ICMP Source Quench
	attack is reported, which exploits the specification that
	a host must react to ICMP Source Quench messages by slowing
	transmission on the associated connection. A remote attacker
	may effectively degrade performance for a legitimate
	connection. 
	
	The Common Vulnerabilities and Exposures project (cve.mitre.org) 
	has assigned the name CAN-2004-0791 to this issue. 
	
	A suitable forged ICMP PMTUD message may be used to reduce the 
	MTU for a given connection in a similar manner. 
	
	The Common Vulnerabilities and Exposures project (cve.mitre.org) 
	has assigned the name CAN-2004-1060 to this issue.

2. Vulnerable Supported Versions

System				Binaries
	----------------------------------------------------------------------
	OpenServer 6.0.0 		inet driver

3. Solution

The proper solution is to install the latest packages.

4. OpenServer 6.0.0

4.1 Location of Fixed Binaries

ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2005.38

4.2 Verification

MD5 (VOL.000.000) = 8b97daeeba0c5653d1e01d589109c250

md5 is available for download from
		ftp://ftp.sco.com/pub/security/tools

4.3 Installing Fixed Binaries

Upgrade the affected binaries with the following sequence:

1) Download the VOL* files to a directory

2) Run the custom command, specify an install from media
	images, and specify the directory as the location of the
	images.

5. References

Specific references for this advisory:
		http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0790 
		http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0791 
		http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1060

SCO security resources:
		http://www.sco.com/support/security/index.html

SCO security advisories via email
		http://www.sco.com/support/forums/security.html

This security fix closes SCO incidents sr894918 fz530661
	erg712928.

6. Disclaimer

SCO is not responsible for the misuse of any of the information
	we provide on this website and/or through our security
	advisories. Our advisories are a service to our customers
	intended to promote secure installation and use of SCO
	products.

7. Acknowledgments

The SCO Group would like to thank Fernando Gont for reporting
	these issues.

________________________________________________________________________
______

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2 (SCO/SYSV)

iD8DBQFDMuH6aqoBO7ipriERAjZ/AJ9GJGsylMBOlEbT8qb4enKIoCQxfACghPMk
rTKK50snfn12AXxAffKBVrU=
=KMrf
-----END PGP SIGNATURE-----