lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Message-ID: <OF44802C7C.D7629E0B-ON85256D6C.0042B6CD-85256D6C.0061612D@tco.census.gov>
From: lee.e.rian at census.gov (lee.e.rian@...sus.gov)
Subject: Re: Cisco IOS Denial of Service  that affects most
 Cisco IOS routers- requires power cycle to recover

On July 22 Curt Purdy <purdy@...man.com> said
>
> If the packet expires in transit i.e. ttl 1 to router 2 hops away means
it
> never gets to that router.  Not possible to fill a queue with a packet
that
> is dropped by the previous router.

Someone said that having the TTL of an evil packet expire on a vulnerable
router was enough to cause the problem.  The reasoning made sense - the TTL
expires so the packet gets bumped up to process level, put on the input
queue and never comes off.  But I haven't been able to duplicate that and
was wondering if it was a bogus report or my testing was ummm... less that
perfect.

So... has anyone been able to verify that the problem occurs when the TTL
expires without the packet being addressed to the router?  Or is it a
requirement that the evil packet be addressed to the router?


Regards,
Lee





Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ