|
| TC: | 11011 | |
| Description: | The remote host responded to an ICMP netmask request by sending an ICMP reply. This can be used to retrieve information regarding the architecture of your network. It can also be used to flood your network with undesirable traffic. | |
| TC Impact: | Attack |
| Vulnerability Publication: | July 25, 2001 | |
| Advisory Copyright: | N.A. | |
| Summary: | An attacker can flood the local network with undesirable packets. | |
| Risk: | Low | |
| CVSS 2.0 metrics: | Access Vector: Network Access Complexity: Low Authentication: None Confidentiality Impact: None Integrity Impact: None Availability Impact: None | |
| CVSS 2.0 Base Score: | 0.0 |
| Vulnerability Impact: |
Gather Info |
|---|
| Host Impact: | An attacker can flood the internal network. | |
| Nature of Remediation: | Change configuration. |
| Step required to fix the reported vulnerability: | |
***** Solution type: Update Configuration ***** Configure your host so that it does not respond to ICMP request packets. If you do not need that service, block ICMP Netmask packets (ICMP packets of type 17) at firewall. |
| References: | ||
| * NETVIGILANCE-VULNDB: 11010 /tc/11010 * NETVIGILANCE-VULNDB: 11011 /tc/11011 * MISC: http://kb.vmware.com/selfservice/microsites/search.do?cmd=displayKC&externalId=1434 * OSVDB: 95 http://www.osvdb.org/95 * XF: icmp-netmask(306) http://xforce.iss.net/xforce/xfdb/306 * XF: icmp-timestamp(322) http://xforce.iss.net/xforce/xfdb/322 * MISC: Netmask-based ICMP Echo Request Smurf Broadcast Scanning with Crafted ICMP Payloads using SendIP http://www.whitehats.ca/main/members/Jeff/gcia_assign_2/gcia_assign_2.html |
| CVE Link: |
CVE-1999-0524 |
 |
|---|
| Glossary: |
Flooding ICMP |
|---|