ICMP Netmask Request Information Disclosure

info Nessus Plugin ID 10113

Synopsis

The remote host is affected by an information disclosure vulnerability.

Description

The remote host answers to an ICMP_MASKREQ query and responds with its netmask. An attacker can use this information to understand how your network is set up and how routing is done. This may help him to bypass your filters.

Solution

Reconfigure the remote host so that it does not answer to those requests. Set up filters that deny ICMP packets of type 17.

Plugin Details

Severity: Info

ID: 10113

File Name: icmp_mask_req.nasl

Version: 1.40

Type: remote

Family: General

Published: 7/29/1999

Updated: 4/27/2023

Supported Sensors: Nessus

Risk Information

CVSS Score Rationale: Manual analysis of the vulnerability

VPR

Risk Factor: Low

Score: 0.8

Vulnerability Information

Vulnerability Publication Date: 1/1/1995

Reference Information

CVE: CVE-1999-0524

CWE: 200