Cisco PIX Invalid TCP Checksum Denial-of-Service Vulnerability

Posted: 2007-06-23

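Information provided by:

Security advisory (or tip) hotline: 51cto.editor@gmail.com

Vulnerability category:

Design error

Attack type:

Remote attack

Release date:

2005-11-22

Last updated:

2005-11-22

Affected systems: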

Cisco PIX/ASA 7.0.1 .4

Cisco PIX/ASA 7.0

Cisco PIX OS

Cisco PIX Firewall 535

Cisco PIX Firewall 525 6.3

Cisco PIX Firewall 525

Cisco PIX Firewall 520

Cisco PIX Firewall 515E

Cisco PIX Firewall 515

Cisco PIX Firewall 506

Cisco PIX Firewall 501

Cisco PIX Firewall 6.3.3 (133)

Cisco PIX Firewall 6.3.2

Cisco PIX Firewall 6.3.1

Cisco PIX Firewall 6.3 (5)

Cisco PIX Firewall 6.3 (3.109)

Cisco PIX Firewall 6.3 (3.102)

Cisco PIX Firewall 6.3 (3)

Cisco PIX Firewall 6.3 (1)

Cisco PIX Firewall 6.3

Cisco PIX Firewall 6.2.3 (110)

Cisco PIX Firewall 6.2.3

Cisco PIX Firewall 6.2.2 .111

Cisco PIX Firewall 6.2.2

Cisco PIX Firewall 6.2.1

Cisco PIX Firewall 6.2 (3.100)

Cisco PIX Firewall 6.2 (3)

Cisco PIX Firewall 6.2 (2)

Cisco PIX Firewall 6.2 (1)

Cisco PIX Firewall 6.2

Cisco PIX Firewall 6.1.5 (104)

Cisco PIX Firewall 6.1.5

Cisco PIX Firewall 6.1.4

Cisco PIX Firewall 6.1.3

Cisco PIX Firewall 6.1 (5)

Cisco PIX Firewall 6.1 (4)

Cisco PIX Firewall 6.1 (3)

Cisco PIX Firewall 6.1 (2)

Cisco PIX Firewall 6.1 (1)

Cisco PIX Firewall 6.1

+ Cisco PIX Firewall 515

+ Cisco PIX Firewall 520

Cisco PIX Firewall 6.0.4

Cisco PIX Firewall 6.0.3

Cisco PIX Firewall 6.0 (4.101)

Cisco PIX Firewall 6.0 (4)

Cisco PIX Firewall 6.0 (2)

Cisco PIX Firewall 6.0 (1)

Cisco PIX Firewall 6.0

+ Cisco PIX Firewall 515

+ Cisco PIX Firewall 520

Cisco PIX Firewall 5.3 (3)

Cisco PIX Firewall 5.3 (2)

Cisco PIX Firewall 5.3 (1.200)

Cisco PIX Firewall 5.3 (1)

Cisco PIX Firewall 5.3

+ Cisco PIX Firewall 515

+ Cisco PIX Firewall 520

Cisco PIX Firewall 5.2 (9)

Cisco PIX Firewall 5.2 (7)

Cisco PIX Firewall 5.2 (6)

Cisco PIX Firewall 5.2 (5)

Cisco PIX Firewall 5.2 (3.210)

Cisco PIX Firewall 5.2 (2)

Cisco PIX Firewall 5.2 (1)

Cisco PIX Firewall 5.2

Cisco PIX Firewall 5.1.4

Cisco PIX Firewall 5.1 (4.206)

Cisco PIX Firewall 5.1

+ Cisco PIX Firewall 515

+ Cisco PIX Firewall 520

Cisco PIX Firewall 5.0

+ Cisco PIX Firewall 515

+ Cisco PIX Firewall 520

Cisco PIX Firewall 4.4 (8)

Cisco PIX Firewall 4.4 (7.202)

Cisco PIX Firewall 4.4 (4)

Cisco PIX Firewall 4.4

Cisco PIX Firewall 4.3

Cisco PIX Firewall 4.2.2

Cisco PIX Firewall 4.2.1

Cisco PIX Firewall 4.2 (5)

Cisco PIX Firewall 4.2

Cisco PIX Firewall 4.1.6 b

Cisco PIX Firewall 4.1.6

Cisco PIX Firewall 4.0

Cisco PIX Firewall 3.1

Cisco PIX Firewall 3.0

Cisco PIX Firewall 2.7

Unaffected systems:

Reported by:

"Konstantin V. Gavrilenko"

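Vulnerability description:

Bugtraq ID: 15525

Cisco PIX is prone to a remote denial-of-service vulnerability when it processes TCP SYN packets that carry an invalid checksum.

This allows an attacker to temporarily block network connections to arbitrary TCP services. Repeating the attack may result in a denial of service.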
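As an added illustration (not part of the original advisory or of Cisco's fix), the following passive check flags bare TCP SYN packets whose checksum fails verification, the packet type described above. The function names and sample addresses are assumptions, and the sample packets are constructed in memory only.

```python
import socket
import struct

def ones_sum(data: bytes) -> int:
    """16-bit one's-complement sum of the Internet checksum (RFC 1071)."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack(f"!{len(data) // 2}H", data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return total

def bad_checksum_syn(pkt: bytes) -> bool:
    """True if pkt (raw IPv4, no link header) is a SYN with a bad TCP checksum."""
    if len(pkt) < 20 or pkt[0] >> 4 != 4 or pkt[9] != 6:
        return False                      # not IPv4/TCP
    ihl = (pkt[0] & 0x0F) * 4
    total_len, _ident, frag = struct.unpack("!HHH", pkt[2:8])
    if frag & 0x3FFF or total_len > len(pkt) or total_len < ihl + 20:
        return False                      # fragment or truncated capture: cannot verify
    segment = pkt[ihl:total_len]
    if (segment[13] & 0x12) != 0x02:
        return False                      # only bare SYN (SYN set, ACK clear)
    pseudo = pkt[12:20] + struct.pack("!BBH", 0, 6, len(segment))
    # A valid segment, summed together with its own checksum field, gives 0xFFFF.
    return ones_sum(pseudo + segment) != 0xFFFF

def sample_syn(src: str, dst: str, sport: int, dport: int, corrupt: bool) -> bytes:
    """Constructed sample input: an in-memory IPv4 SYN, optionally with a wrong checksum."""
    tcp = struct.pack("!HHIIBBHHH", sport, dport, 1000, 0, 5 << 4, 0x02, 8192, 0, 0)
    addrs = socket.inet_aton(src) + socket.inet_aton(dst)
    csum = 0xFFFF ^ ones_sum(addrs + struct.pack("!BBH", 0, 6, len(tcp)) + tcp)
    if corrupt:
        csum ^= 0x0001
    tcp = tcp[:16] + struct.pack("!H", csum) + tcp[18:]
    ip = struct.pack("!BBHHHBBH", 0x45, 0, 20 + len(tcp), 0, 0, 64, 6, 0) + addrs
    return ip + tcp

def scan(packets):
    """Return (src, dst, dport) for each bad-checksum SYN in an iterable of packets."""
    hits = []
    for p in packets:
        if bad_checksum_syn(p):
            ihl = (p[0] & 0x0F) * 4
            dport = struct.unpack("!H", p[ihl + 2:ihl + 4])[0]
            hits.append((socket.inet_ntoa(p[12:16]), socket.inet_ntoa(p[16:20]), dport))
    return hits
```

Captures taken on the sending host can show incorrect checksums because of NIC checksum offload, so apply the check to traffic captured on the path in front of the firewall.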

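Test method:

Warning

The following program (method) may be offensive in nature and is provided for security research and teaching purposes only. Use it at your own risk!

See the following example, provided by Janis Vizulis, Arhont Ltd.: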

  • /data/vulnerabilities/exploits/PIXdos.pl



Solution:

Cisco has released Cisco Bug ID CSCsc14915 for PIX 6.3 and CSCsc16014 for PIX 7.0. For details, see:

  • Cisco PIX TCP Connection Prevention ("Randy Ivener (rivener)")

  • Cisco PIX TCP Connection Prevention ("Konstantin V. Gavrilenko")



Originally published at: http://www.ltesting.net