Axent Raptor Firewall Zero Length IP Remote DoS

high Nessus Plugin ID 10022

Synopsis

It is possible to crash the remote device

Description

It is possible to make the remote Axent raptor freeze by sending it a IP packet containing special options (of length equals to 0)

An attacker may use this flaw to make the remote firewall crash continuously, thus preventing the network from working properly.

Solution

Filter the incoming IP traffic containing IP options, and contact Axent for a patch

Plugin Details

Severity: High

ID: 10022

File Name: axent_raptor_dos.nasl

Version: 1.30

Type: remote

Family: Firewalls

Published: 10/30/1999

Updated: 3/6/2019

Configuration: Enable paranoid mode

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 4.5

CVSS v2

Risk Factor: High

Base Score: 7.8

Temporal Score: 6.1

Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C

Vulnerability Information

Required KB Items: Settings/ParanoidReport

Exploit Available: true

Exploit Ease: Exploits are available

Vulnerability Publication Date: 10/20/1999

Reference Information

CVE: CVE-1999-0905

BID: 736

Detections

Analytics