TCP/IP IP Fragment Re-Assembly Remote DoS (teardrop)

high Nessus Plugin ID 10279

Synopsis

The remote system is affected by a denial of service vulnerability.

Description

It was possible to make the remote server crash using the 'teardrop' attack.

An attacker may use this flaw to shut down this server, thus preventing your network from working properly.

Solution

contact your operating system vendor for a patch.

Plugin Details

Severity: High

ID: 10279

File Name: teardrop.nasl

Version: 1.36

Type: remote

Family: Denial of Service

Published: 6/22/1999

Updated: 3/6/2019

Configuration: Enable paranoid mode

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 4.4

CVSS v2

Risk Factor: High

Base Score: 7.8

Temporal Score: 6.1

Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C

Vulnerability Information

Required KB Items: Settings/ParanoidReport

Exploit Available: true

Exploit Ease: Exploits are available

Vulnerability Publication Date: 11/13/1997

Reference Information

CVE: CVE-1999-0015

BID: 124

Detections

Analytics