[ advisories | exploits | discussions | news | conventions | security tools | texts & papers ]
 main menu
- feedback
- advertising
- privacy
- FightAIDS
- newsletter
- news
 
 discussions
- read forum
- new topic
- search
 

 meetings
- meetings list
- recent additions
- add your info
 
 top 100 sites
- visit top sites
- sign up now
- members
 
 webmasters

- add your url
- add domain
- search box
- link to us

 
 projects
- our projects
- free email
 
 m4d network
- security software
- secureroot
- m4d.com
Home : Advisories : Intel Express Switch series 500 DoS #2

Title: Intel Express Switch series 500 DoS #2
Released by: Vigilante
Date: 6th September 2000
Printable version: Click here
Intel Express Switch series 500 DoS #2



Advisory Code:   VIGILANTE-2000010



Release Date:

September 6, 2000



Systems Affected:

Intel Express Switch 510T

- Firmware version 2.63

- Firmware version 2.64

Intel Express Switch 520T

- Firmware version 2.63

- Firmware version 2.64

Intel Express Switch 550T

- Firmware version 2.63

- Firmware version 2.64

Intel Express Switch 550F

- Firmware version 2.63

- Firmware version 2.64

It is likely that older firmware versions are also affected.



THE PROBLEM

By sending a malformed ICMP packet, either to the Intel Express

Switch or a host behind it, the CPU crashes. The switch looses

all routing functionality but continues to function as a switch,

except for the fact that learning also crashes, so new connections

are not "picked up". The packet can be sent from a machine

directly connected to the switch or from a machine not directly

connected to the switch. Since the packet does not require a reply,

the packet can also be spoofed.



A Side Note:

During testing we also found the SNMP command that reboots the

switch, and just as a friendly reminder, please do remember to change

your switch's SNMP community name from the default to something a bit

harder to guess, since the reboot command can also be spoofed.



Vendor Status:

Intel was contacted on the 3rd of September and the vulnerability was

verified by them the following day. The fix was officially released

on the 5th of September.



Fix:

The fix for the Intel Express Switches 510T, 520T, 550T and 550F

is the same, and it can be found at this location:

http://support.intel.com/support/express/switches/500/es5_266.htm





Vendor   URL: http://www.intel.com

Product  URL:

http://www.intel.com/network/products/express_switches.htm?iid={500_switch}

Copyright VIGILANTe 2000-09-03



Disclaimer:

The information within this document may change without notice. Use of

this information constitutes acceptance for use in an AS IS

condition. There are NO warranties with regard to this information.

In no event shall the author be liable for any consequences whatsoever

arising out of or in connection with the use or spread of this

information. Any use of this information lays within the user's

responsibility.



Feedback:

Please send suggestions, updates, and comments to:



VIGILANTe

mailto: isis@vigilante.com

http://www.vigilante.com








(C) 1999-2000 All rights reserved.