Bugtraq mailing list archives
Re: SNI-26: Ascend Router Security Issues
From: twiggy () twiggy spider org (Cyril Jaouich)
Date: Tue, 17 Mar 1998 15:33:11 -0500
This is about the UDP bug found in Ascend products: The fix posted by Ascend works but is not perfect, since it ONLY works for IP traffic. If you put this filter on your Ethernet interface, arp messages will stop being processed. This is caused by the second filter condition that lets ONLY Ip thru. Below is the correct filter, it is also good to put in the Output filter I've made. Thanks ----------------------- 90-501 UDP Attack ----------------- In filter 01
Valid =Yes
Type = IP Generic... IP... Ip...
Forward = No
Src Mask = 0.0.0.0 Src Adrs = 0.0.0.0 Dst Mask = 0.0.0.0 Dst Adrs = 0.0.0.0 Protocol = 17 Src Port Cmp = None Src Port # = N/A Dst Port Cmp = Eql Dst Port # = 9 TCP Estab = N/A -- In filter 02
Valid =Yes
Type = GENERIC Generic... IP... Generic...
Forward=Yes
Offset=0 Length=0 Mask=0000000000000000 Value=0000000000000000 Compare=Equals More=No ----------------- Out filter 01
Valid =Yes
Type = IP Generic... IP... Ip...
Forward = No
Src Mask = 0.0.0.0 Src Adrs = 0.0.0.0 Dst Mask = 0.0.0.0 Dst Adrs = 0.0.0.0 Protocol = 17 Src Port Cmp = None Src Port # = N/A Dst Port Cmp = Eql Dst Port # = 9 TCP Estab = N/A -- Out filter 02
Valid =Yes
Type = GENERIC Generic... IP... Generic...
Forward=Yes
Offset=0 Length=0 Mask=0000000000000000 Value=0000000000000000 Compare=Equals More=No ----------------- Cyril Jaouich [CJ837] --------------------- ACC DATA OPERATIONS EASTERN CANADA ----------------------------------
Current thread:
- SNI-26: Ascend Router Security Issues Secure Networks Inc. (Mar 16)
- <Possible follow-ups>
- Re: SNI-26: Ascend Router Security Issues Cyril Jaouich (Mar 17)