HP Path MTU Discovery DoS 漏洞

漏洞信息详情

HP Path MTU Discovery DoS 漏洞

• CNNVD编号：CNNVD-200001-054
• 危害等级： 中危
  
  
• CVE编号：
  CVE-2000-0095
  
• 漏洞类型：
  
  
  设计错误
  
• 发布时间：
  
  2000-01-24
  
• 威胁类型：
  
  
  远程
  
• 更新时间：
  
  2005-05-02
  
• 厂        商：
  
  hp
• 漏洞来源：
  This vulnerability…

HP-UX 10.30版本和11.00版本中用于确定最佳的MTU的PMTU discovery进程产生了大量小流量数据包。远程攻击者利用此漏洞导致系统成为包放大器。

The vendor recommends the following action:
Reference ndd manpage (1M), /etc/rc.config.d/nddconf
To ensure that this parameter is set each time the system is booted, add the following lines to /etc/rc.config.d/nddconf
TRANSPORT_NAME[]=ip
NDD_NAME[]=ip_pmtu_strategy
NDD_VALUE[]=1
The value of is an integer from 0 to 99. The first parameter specified in the file should use an of 0, the second an of 1, and so on.
Once these changes have been made, execute the following command:

/usr/bin/ndd -c

This sets all of the options specified in the file /etc/rc.config.d/nddconf.
To verify that the parameter is set correctly, use the following command.
/usr/bin/ndd -get /dev/ip ip_pmtu_strategy

This should report a value of 1.

Another way to change the ip_pmtu_strategy parameter on a running system is to use the following NDD command:
/usr/bin/ndd -set /dev/ip ip_pmtu_strategy 1
This setting will only last until the system is rebooted at which point the value of the parameter will be determined by the default value of 2 or whatever value is set in /etc/rc.config.d/nddconf

来源: HP
名称: HPSBUX0001-110
链接:http://www.securityfocus.com/templates/advisory.html?id=2041

来源: BID
名称: 944
链接:http://www.securityfocus.com/bid/944