TCP/IP Multicast Address Handling Remote DoS (spank.c)

This script is Copyright (C) 2003-2013 Tenable Network Security, Inc.


Synopsis :

This system answers to TCP packets that are coming from
a multicast address.

Description :

This is known as the 'spank' denial of service attack.
An attacker might use this flaw to shut down this server and
saturate your network, thus preventing you from working properly.

This also could be used to run stealth portscans against this machine.

Solution :

Contact your operating system vendor for a patch.
Filter out multicast addresses (224.0.0.0/4)

Risk factor :

Medium / CVSS Base Score : 6.1
(CVSS2#AV:A/AC:L/Au:N/C:N/I:N/A:C)

Family: Denial of Service

Nessus Plugin ID: 11901 ()

Bugtraq ID:

CVE ID: