GEN:SID | 1:279 |
Message | DOS Bay/Nortel Nautica Marlin |
Summary | This event is generated when an attempt is made to issue a Denial of Service attack that causes Bay/Nortel Nautical Marlin bridges to crash.
|
Impact | Denial of Service. Network traffic can be disrupted.
|
Detailed Information | Nautica Marlin bridges will crash if a UDP packet is received on the SNMP port (161) which has a data length of 0.
|
Affected Systems | Bay/Nortel Nautica Marlin Bridges
|
Attack Scenarios | The bridges can be crashed remotely. The offending packet uses UDP (which is not connection oriented) and can be easily spoofed.
|
Ease of Attack | Simple. Tools are available that can exploit this vulnerability.
|
Corrective Action | Block connections to port 161 from unauthorized hosts using firewall or router ACLs. The release notes for the only available upgrade for this product do not mention this vulnerability. The product has been discontinued.
|
Additional References | CVE: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2000-0221
Bugtraq: http://www.securityfocus.com/bid/1009
Nortel: http://www.nortelnetworks.com
|
Rule References | cve: 2000-0221
bugtraq: 1009
|