12-11-2007 02:40 AM - edited 03-09-2019 07:36 PM
Hi,
I have a customer that has run a nessus vulnerability scan, and it reports that there is a dos risk on his 3750, even though the nessus report relates to winterm thin clients.
Quote:
It was possible to crash the remote host by sending a specially crafted IP packet with a null length for IP option #0xE4
Risk Factor : High
CVE : CVE-2005-2577
BID : 7175, 14536
I am relativley new to security and have been unable to find any reference to this threat. Any help would be greatly appreciated.
Thanks
12-18-2007 07:01 AM
May be remote host by sending a IP packet with a null length for IP option #0xE4
12-18-2007 07:43 AM
did the router crash or not? most vulnerability scanners have false positives and Nessus is certainly no exception. this clearly looks like one since a router is not a thin client device;-)
You can use hping to test to verify.
12-18-2007 01:27 PM
Hi,
Thanks for the reply, the switch didn't crash he is just worried that it could, though all the info I can find relates to thin clients also. He is just very worried as this unit is actings right at his core for layer 3 on a major part of his network.
the IOS concerened is c3750-ipservices-mz.122-25.SEB4, but I cant see any bug on this that relates to altered packets.
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: