Linux 2.1.89 - 2.2.3 IP Fragmenting Functionality 0 Length Fragment Handling Remote DoS

medium Nessus Plugin ID 10134

Synopsis

The remote host is prone to a denial of service attack.

Description

The remote host appears to be using a Linux kernel that contains a flaw in its IP fragment handling code. By sending a series of packets with 0 length fragments, an unauthenticated attacker may be able to disable the remote host's IP connectivity.

Solution

Upgrade to Linux kernel version 2.2.4 or later.

See Also

https://seclists.org/bugtraq/1999/Mar/149

Plugin Details

Severity: Medium

ID: 10134

File Name: linux_zero_len_fragment.nasl

Version: 1.42

Type: remote

Published: 6/22/1999

Updated: 3/6/2019

Configuration: Enable paranoid mode

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 4.4

CVSS v2

Risk Factor: Medium

Base Score: 5

Temporal Score: 3.9

Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P

Vulnerability Information

CPE: cpe:/o:linux:kernel

Required KB Items: Settings/ParanoidReport

Exploit Available: true

Exploit Ease: Exploits are available

Vulnerability Publication Date: 3/24/1999

Reference Information

CVE: CVE-1999-0431

BID: 2247