OpenBSD ICMP echo denial of service
| openbsd-icmp-echo-dos (17129) |  Medium Risk |
Description:
OpenBSD versions 3.4 and 3.5 are vulnerable to a denial of service attack, caused by improper processing of ICMP packets. A remote attacker could send an ICMP echo request packet from one of the bridged networks to the other bridged network to cause the targeted system to crash.
Note: The targeted system must have the IPSEC protocol enabled and be configured as a gateway with bridging enabled for this vulnerability to exist.
Consequences:
Denial of Service
Remedy:
For OpenBSD 3.4:
Apply the 028 _bridge.patch, available from the OpenBSD 3.4 errata Web site. See References.
For OpenBSD 3.5:
Apply the 016_bridge.patch, available from the OpenBSD 3.5 errata Web site. See References.
References:
- BugTraq Mailing List, Wed Aug 25 2004 - 06:53:36 CDT : Vulnerability: OpenBSD 3.5 Kernel Panic..
- OpenBSD 3.4 errata Web site: 028: RELIABILITY FIX: August 26, 2004.
- OpenBSD 3.5 errata Web site: 016: RELIABILITY FIX: August 26, 2004.
- BID-11044: OpenBSD Bridged Network ICMP Denial Of Service Vulnerability
- CVE-2004-0819: The bridge functionality in OpenBSD 3.4 and 3.5, when running a gateway configured as a bridging firewall with the link2 option for IPSec enabled, allows remote attackers to cause a denial of service (crash) via an ICMP echo (ping) packet.
Platforms Affected:
- OpenBSD OpenBSD 3.4
- OpenBSD OpenBSD 3.5
Reported:
Aug 25, 2004
The information within this database may change without notice. Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. In no event shall the author/distributor (IBM Internet Security Systems X-Force) be held liable for any damages whatsoever arising out of or in connection with the use or spread of this information.
For corrections or additions please email xforce@iss.net