CVE-2002-0604
CVSS5.0
发布时间 :2002-06-18 00:00:00
修订时间 :2016-10-17 22:20:49
NMCOS    

[原文]Snapgear Lite+ firewall 1.5.3 and 1.5.4 allows remote attackers to cause a denial of service (crash) via a large number of packets with malformed IP options.


[CNNVD]Snapgear Lite+ 防火墙不正常IP数据包导致拒绝服务攻击漏洞(CNNVD-200206-051)

        
        Snapgear Lite+是一款集成防火墙、路由和VPN支持的设备。
        Snapgear Lite+ 防火墙在处理IP选项时存在问题,可导致远程攻击者进行拒绝服务攻击。
        由于防火墙不能正确处理带有不正常IP选项的IP包,攻击者可以连续发送7000个以上此类IP包最终导致防火墙停止正常响应。
        

- CVSS (基础分值)

CVSS分值: 5 [中等(MEDIUM)]
机密性影响: [--]
完整性影响: [--]
可用性影响: [--]
攻击复杂度: [--]
攻击向量: [--]
身份认证: [--]

- CPE (受影响的平台与产品)

cpe:/a:snapgear:snapgear_lite%2b_firewall:1.5.4
cpe:/a:snapgear:snapgear_lite%2b_firewall:1.5.3

- OVAL (用于检测的技术细节)

未找到相关OVAL定义

- 官方数据库链接

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-0604
(官方数据源) MITRE
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2002-0604
(官方数据源) NVD
http://www.cnnvd.org.cn/vulnerability/show/cv_cnnvdid/CNNVD-200206-051
(官方数据源) CNNVD

- 其它链接及资源

http://archives.neohapsis.com/archives/vulnwatch/2002-q2/0050.html
(UNKNOWN)  VULNWATCH  20020502 [VulnWatch] KPMG-2002017: Snapgear Lite+ Firewall Denial of Service
http://marc.info/?l=bugtraq&m=102035583114759&w=2
(UNKNOWN)  BUGTRAQ  20020502 KPMG-2002017: Snapgear Lite+ Firewall Denial of Service
http://www.iss.net/security_center/static/8988.php
(VENDOR_ADVISORY)  XF  snapgear-vpn-ipoptions-dos(8988)
http://www.securityfocus.com/bid/4660
(UNKNOWN)  BID  4660
http://www.snapgear.com/releases.html
(VENDOR_ADVISORY)  CONFIRM  http://www.snapgear.com/releases.html

- 漏洞信息

Snapgear Lite+ 防火墙不正常IP数据包导致拒绝服务攻击漏洞
中危 其他
2002-06-18 00:00:00 2005-10-20 00:00:00
远程  
        
        Snapgear Lite+是一款集成防火墙、路由和VPN支持的设备。
        Snapgear Lite+ 防火墙在处理IP选项时存在问题,可导致远程攻击者进行拒绝服务攻击。
        由于防火墙不能正确处理带有不正常IP选项的IP包,攻击者可以连续发送7000个以上此类IP包最终导致防火墙停止正常响应。
        

- 公告与补丁

        临时解决方法:
        如果您不能立刻安装补丁或者升级,CNNVD建议您采取以下措施以降低威胁:
        * 暂时没有合适的临时解决方法。
        厂商补丁:
        SnapGear
        --------
        目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载:
        Snapgear Upgrade SnapGearLITE_LITE+_v1.6.0_20020429_netflash.exe
        
        http://www.snapgear.com/ftp/snapgear/firmware/SnapGearLITE_LITE+_v1.6.0_20020429_netflash.exe

        Windows version.
        Snapgear Upgrade SnapGearLITE_LITE+_v1.6.0_20020429_imagez.bin
        
        http://www.snapgear.com/ftp/snapgear/firmware/SnapGearLITE_LITE+_v1.6.0_20020429_imagez.bin

        Linux version.

- 漏洞信息

14428
SnapGear Lite+ Firewall Malformed IP Options DoS
Denial of Service
Loss of Availability

- 漏洞描述

Unknown or Incomplete

- 时间线

2002-05-02 Unknow
Unknow Unknow

- 解决方案

Unknown or Incomplete

- 相关参考

- 漏洞作者

Unknown or Incomplete

- 漏洞信息

Snapgear Lite+ Firewall IP-OPTIONS Denial of Service Vulnerability
Failure to Handle Exceptional Conditions 4660
Yes No
2002-05-02 12:00:00 2009-07-11 12:46:00
Andreas Sandor (asandor@kpmg.dk) & Peter Gründl (pgrundl@kpmg.dk).

- 受影响的程序版本

Snapgear Lite+ Firewall 1.5.4
Snapgear Lite+ Firewall 1.5.3
Snapgear Lite+ Firewall 1.6 .0

- 不受影响的程序版本

Snapgear Lite+ Firewall 1.6 .0

- 漏洞讨论

Snapgear Lite+ is a device with integrated firewall, routing, and VPN support.

The firewall is unable to handle IP packets with malformed IP options. Sending many such packets will eventually cause the firewall to crash.

- 漏洞利用

There is no exploit code required.

- 解决方案

The vendor has released a firmware upgrade.


Snapgear Lite+ Firewall 1.5.3

Snapgear Lite+ Firewall 1.5.4

- 相关参考

 

 

关于SCAP中文社区

SCAP中文社区是国内第一个以SCAP为主题的中文开放社区。了解更多信息,请查阅[关于本站]

版权声明

CVE/CWE/OVAL均为MITRE公司的注册商标,它们的官方数据源均保存在MITRE公司的相关网站