| VID |
12051 |
| Severity |
40 |
| Port |
|
| Protocol |
ICMP |
| Class |
Protocol |
| Detailed Description |
The system is vulnerable to a denial-of-service attack using large ICMP datagrams. This vulnerability is known as 'jolt' or 'Ping of Death'. The TCP/IP specification (the basis for many protocols used on the Internet) allows for a maximum packet size of 65536 bytes. The "Ping of Death" attack can be triggered by transmitting a fragmented ICMP echo packet greater than 65535 bytes in length to an affected system. This can cause the system to crash, reboot, or behave in unpredictable ways.
* Platforms Affected: Linux Systems, SunOS, HP-UX, AIX, Windows 95, NT |
| Recommendation |
Apply a patch for this vulnerability or upgrade your system to a fixed version.
For Linux Systems: Upgrade Linux 1.3.x and 2.0.x kernels to Linux 2.0.27 or later. This is available from all the main archive sites such as ftp://ftp.cs.helsinki.fi/pub/Software/Linux
For IBM AIX: Apply appropriate patch for your system, as listed in IBM Emergency Response Service Security Vulnerability Alert ERS-SVA-E01-1996:006.1 at http://www-1.ibm.com/services/continuity/recover1.nsf/MSS/ERS-SVA-E01-1996.006.1/$file/ERS-SVA-E01-1996_006_1.txt
For HP-UX: Apply the patch for this vulnerability, as listed in Hewlett-Packard Security Bulletin HPSBUX9610-040 at http://online.securityfocus.com/advisories/1518
For SunOS: Apply the appropriate patch for your system, as listed in CERT Advisory CA-1996-26 at http://www.cert.org/advisories/CA-1996-26.html
For other distributions: Contact your vendor for upgrade or patch information. |
| Related URL |
CVE-1999-0128 (CVE) |
| Related URL |
(SecurityFocus) |
| Related URL |
95 (ISS) |
|
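A defensive check for the condition in the Detailed Description, as an added example that is not part of the original record or of any vendor patch: it parses one raw IPv4 packet and reports whether placing that fragment would make the reassembled datagram exceed 65535 bytes. The names `classify_fragment` and `sample_fragment` are hypothetical, the sample packets are constructed in memory, and the check uses the fragment's own header length and applies to any payload protocol (the record's case is ICMP, protocol 1).

```python
import struct

IPV4_MAX_DATAGRAM = 65535  # largest value the 16-bit Total Length field can hold

def classify_fragment(packet: bytes) -> str:
    """Return 'ok', 'oversized' or 'malformed' for one raw IPv4 packet.

    'oversized' means the reassembled datagram would have to exceed
    65535 bytes to hold this fragment.
    """
    if len(packet) < 20:
        return "malformed"
    ver_ihl, _tos, total_len, _ident, flags_off = struct.unpack("!BBHHH", packet[:8])
    ihl = (ver_ihl & 0x0F) * 4            # header length in bytes
    if ver_ihl >> 4 != 4 or ihl < 20 or not ihl <= total_len <= len(packet):
        return "malformed"
    offset = (flags_off & 0x1FFF) * 8     # fragment offset is carried in 8-byte units
    payload_len = total_len - ihl
    # Position of this fragment's last byte once placed in the reassembled datagram.
    if ihl + offset + payload_len > IPV4_MAX_DATAGRAM:
        return "oversized"
    return "ok"

def sample_fragment(offset_units: int, payload_len: int, more: bool) -> bytes:
    """Constructed test input: 20-byte IPv4/ICMP header plus zeroed payload."""
    flags_off = (0x2000 if more else 0) | (offset_units & 0x1FFF)
    header = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + payload_len, 0x1234,
                         flags_off, 64, 1, 0,          # TTL 64, protocol 1 = ICMP
                         bytes([192, 0, 2, 1]), bytes([198, 51, 100, 1]))
    return header + bytes(payload_len)

if __name__ == "__main__":
    for name, pkt in [
        ("unfragmented echo", sample_fragment(0, 64, False)),
        ("last fragment at limit", sample_fragment(8189, 3, False)),
        ("last fragment past limit", sample_fragment(8189, 8, False)),
        ("truncated header", b"\x45\x00"),
    ]:
        print(f"{name}: {classify_fragment(pkt)}")
```

Because the check needs no reassembly state, a filter can apply it to each fragment as it arrives and drop the offending one before any buffer is assembled.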