| TC: | 11015 | |
| Description: | Smurf is an attack based on ICMP request packets sent to a broadcast address with a spoofed source address. The result of this attack is the production of many ICMP packets on the attacked network. This can slow communications or even create a situation where the spoofed host can no longer respond. This test case does not check whether you are vulnerable or not. It checks whether your host can be used to attack another host. | |
| TC Impact: | Gather Info |
| Vulnerability Publication: | October 12, 1997 | |
| Advisory Copyright: | T. Freak | |
| Summary: | It is possible to use your host to launch a flood attack. | |
| Risk: | Medium | |
| CVSS 2.0 metrics: | Access Vector: Network; Access Complexity: Low; Authentication: None; Confidentiality Impact: None; Integrity Impact: None; Availability Impact: Partial | |
| CVSS 2.0 Base Score: | 5.0 |
| Vulnerability Impact: | Denial of Service |
| Host Impact: | Your host can be used to flood the network. | |
| Nature of Remediation: | Change the configuration. |
| Step required to fix the reported vulnerability: | Solution type: Update Configuration. Change router configuration to block ICMP broadcasts. |
| References: | ||
| * CERT: CA-98.01.smurf http://www.cert.org/advisories/CA-98.01.smurf.html * FREEBSD: FreeBSD-SA-98:06 ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-98:06.icmp.asc * XF: smurf http://xforce.iss.net/getrecord.jsp?id=588 * BID: http://www.securityfocus.com/bid/147 * MISC: http://securityfocus.com/templates/archive.pike?list=1&msg=Pine.LNX.3.91.97101214 * ISS: http://www.iss.net/security_center/reference/2000103.html * MISC: Top ten Smurf amplifiers http://www.powertech.no/smurf/ * MISC: http://www.pentics.net/denial-of-service/white-papers/smurf.cgi * MISC: http://www.ciac.org/ciac/bulletins/i-021a.shtml |
| CVE Link: | CVE-1999-0513 |
| Glossary: | Denial of Service, ICMP |