发布时间 :2000-11-14 00:00:00
修订时间 :2008-09-05 16:22:06

[原文]Intel Express 500 series switches allow a remote attacker to cause a denial of service via a malformed ICMP packet, which causes the CPU to crash.


[机译]英特尔®Express 500系列交换机允许远程攻击者通过一个格式错误的ICMP数据包,从而导致崩溃的CPU,导致拒绝服务。

- CVSS (基础分值)

CVSS分值: 5 [中等(MEDIUM)]
机密性影响: NONE [对系统的机密性无影响]
完整性影响: NONE [不会对系统完整性产生影响]
可用性影响: PARTIAL [可能会导致性能下降或中断资源访问]
攻击复杂度: LOW [漏洞利用没有访问限制 ]
攻击向量: [--]
身份认证: NONE [漏洞利用无需身份认证]

- CPE (受影响的平台与产品)

cpe:/h:intel:express_550t:2.63Intel Intel Express 550T Firmware 2.63
cpe:/h:intel:express_550f:2.64Intel Intel Express 550F Firmware 2.64
cpe:/h:intel:express_510t:2.63Intel Intel Express 510T Firmware 2.63
cpe:/h:intel:express_550f:2.63Intel Intel Express 550F Firmware 2.63
cpe:/h:intel:express_520t:2.64Intel Intel Express 520T Firmware 2.64
cpe:/h:intel:express_520t:2.63Intel Intel Express 520T Firmware 2.63
cpe:/h:intel:express_550t:2.64Intel Intel Express 550T Firmware 2.64
cpe:/h:intel:express_510t:2.64Intel Intel Express 510T Firmware 2.64

- OVAL (用于检测的技术细节)


- 官方数据库链接
(官方数据源) MITRE
(官方数据源) NVD

- 其它链接及资源
(VENDOR_ADVISORY)  BUGTRAQ  20000906 VIGILANTE-2000010: Intel Express Switch series 500 DoS #2

- 漏洞信息

Intel Express 500 Series Switches Malformed ICMP DoS
Denial of Service
Loss of Availability

- 漏洞描述

Unknown or Incomplete

- 时间线

2000-09-06 Unknow
Unknow Unknow

- 解决方案

Unknown or Incomplete

- 相关参考

- 漏洞作者

Unknown or Incomplete

- 漏洞信息

Intel Express Switch 500 Series Malformed ICMP Packet DoS Vulnerability
Failure to Handle Exceptional Conditions 1647
Yes Yes
2000-09-06 12:00:00 2009-07-11 02:56:00
Posted to Bugtraq on September 6, 2000 by Peter Gründl <>.

- 受影响的程序版本

Intel Corporation Express 550T (Firmware 2.64)
Intel Corporation Express 550T (Firmware 2.63)
Intel Corporation Express 550F (Firmware 2.64)
Intel Corporation Express 550F (Firmware 2.63)
Intel Corporation Express 520T (Firmware 2.64)
Intel Corporation Express 520T (Firmware 2.63)
Intel Corporation Express 510T (Firmware 2.64)
Intel Corporation Express 510T (Firmware 2.63)

- 漏洞讨论

Sending a malformed ICMP packet to an Intel Express Switch or a host residing behind it will crash the system. The malformed packet can be sent locally or remotely and can be spoofed. In the event that the switch receives the malformed ICMP packet, it will continue to operate as a switch, however, it will lose all routing functionality and will not pick up on new connections.

- 漏洞利用

Currently the SecurityFocus staff are not aware of any exploits for this issue. If you feel we are in error or are aware of more recent information, please mail us at:

- 解决方案

Intel has provided a firmware upgrade for all affected versions (510T, 520T, 550T, and 550F). It can be downloaded from the link below. Intel Device View 2.1.x is required before installing the upgrade and is also available at the following link:

- 相关参考