
Hackable bug found in net's heart

  • 22-04-2004 8:01am
    #1
    Closed Accounts Posts: 801 ✭✭✭


    http://news.bbc.co.uk/2/hi/technology/3646223.stm
    Hackable bug found in net's heart
    One of the net's central technologies has a serious security vulnerability, warn UK and US infrastructure protection agencies.

    Anyone exploiting the loophole could cause widespread disruption by subverting the way the internet ensures data reaches its intended destination.

    The discovery has led to a large-scale and private effort to plug the hole before it becomes widely known.

    So far there have been no reports of the vulnerability being exploited.

    Serious problem

    "Exploitation of this vulnerability could have affected the glue that holds the internet together," said Roger Cumming, head of the UK's National Infrastructure Security Coordination Centre.

    The NISCC issued an alert about the vulnerability on Tuesday and was swiftly followed by the US Department of Homeland Security.

    In its alert the DHS said the vulnerability: "could lead to a denial-of-service condition that could affect a large segment of the internet community."

    But it added: "Normal operations would most likely resume shortly after the attack stopped."

    The vulnerability was found in the Transmission Control Protocol (TCP) that underpins the working of the internet.

    It emerges because of the way that the net passes data around the net.

    Security researcher Paul Watson has found a way to quickly discover the code numbers used to preserve streams of data travelling, for example, from a particular website to your net browser.

    By crafting TCP data packets with the correct numbers and injecting them into the right traffic flow it becomes possible to end that datastream prematurely.

    Widespread abuse of the bug could mean some parts of the web are cut off.

    Before Mr Watson discovered the vulnerability it was thought that the time it would take to guess these large code numbers would make it impossible to mount such an attack.

    Even after the discovery the UK's NISCC had doubts that any attack using it would be easy to mount.

    It said there were numerous workarounds for the bug, the broad principles of which have been known for some time.

    Mr Watson will present a paper about his discovery at the CanSecWest conference due to take place from 21-23 April in Vancouver, Canada.

    "It's a significant risk," said Paul Vixie of the Internet Systems Consortium.

    "Internet providers are jumping on this big time," he said, "It's really important this just gets fixed before the bad guys start exploiting it for fun and recognition."

    Many makers of net hardware have already issued patches to customers that close the loophole.

    Large net service providers have had advance notice of the bug and are thought to have taken steps to prevent their networks falling victim to it.


Comments

  • Closed Accounts Posts: 17,208 ✭✭✭✭aidan_walsh


    While a rather harrowing report, I did see one variant where MS released a statement saying that the problem posed no threat to Windows platforms... Funny stuff...


  • Closed Accounts Posts: 7,562 ✭✭✭leeroybrown


    Routers (specifically BGP Routers) are most at risk from this. The manufacturers must be putting serious overtime in to come up with patched firmware asap.


  • Registered Users, Registered Users 2 Posts: 1,605 ✭✭✭LizardKing


    Cisco's Advisory Releases

    Cisco Product Security Advisories and Notices
    Please review the following Cisco Security warnings and engage with your Cisco partner, Advanced Services or Cisco TAC to ensure that you are aware of these issues and the necessary steps to take to workaround these vulnerabilities in your Enterprise network.



    (1) TCP Vulnerabilities - RFC793 - Industry Wide

    A vulnerability in the Transmission Control Protocol (TCP) specification (RFC793) has been discovered by an external researcher. The successful exploitation enables an adversary to reset any established TCP connection in a much shorter time than was previously discussed publicly. Depending on the application, the connection may get automatically re-established. In other cases, a user will have to repeat the action (for example, open a new Telnet or SSH session). Depending upon the attacked protocol, a successful attack may have additional consequences beyond terminated connection which must be considered. This attack vector is only applicable to the sessions which are terminating on a device (such as a router, switch, or computer), and not to the sessions that are only passing through the device (for example, transit traffic that is being routed by a router). In addition, the attack vector does not directly compromise data integrity or confidentiality.
    All Cisco products which contain a TCP stack are susceptible to this vulnerability - please follow the URLs below for detailed information on workarounds, code levels and explanation.

    Cisco Security Advisory: TCP Vulnerabilities in Multiple Non-IOS Cisco Products


    Cisco Security Advisory: TCP Vulnerabilities in Multiple IOS-Based Cisco Products



    (2) Cisco SNMP Message Vulnerabilities


    Cisco Internetwork Operating System (IOS) Software release trains 12.0S, 12.1E, 12.2, 12.2S, 12.3, 12.3B and 12.3T may contain a vulnerability in processing SNMP requests which, if exploited, could cause the device to reload. The vulnerability is only present in certain IOS releases on Cisco routers and switches. This behavior was introduced via a code change and is resolved with CSCed68575.

    This vulnerability can be remotely triggered. A successful exploitation of this vulnerability may cause a reload of the device and could be exploited repeatedly to produce a Denial of Service (DoS).

    Cisco Security Advisory: Vulnerabilities in SNMP Message Processing






    ---
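
An added example, not part of the thread or of Cisco's advisory: the receiver-side RST check that the RFC 793 weakness described above comes down to, next to the stricter exact-match check later standardised in RFC 5961. Function names and the sample receiver state are assumptions made for illustration.

```python
MOD = 1 << 32  # TCP sequence numbers are 32-bit and wrap around


def in_window(seq, rcv_nxt, rcv_wnd):
    """RFC 793 acceptability test for a zero-length segment such as a RST."""
    if rcv_wnd == 0:
        return seq == rcv_nxt
    # Modular distance handles a window that straddles the 2^32 wrap.
    return (seq - rcv_nxt) % MOD < rcv_wnd


def rfc793_rst(seq, rcv_nxt, rcv_wnd):
    """Original behaviour: any in-window RST tears the connection down."""
    return "reset" if in_window(seq, rcv_nxt, rcv_wnd) else "drop"


def hardened_rst(seq, rcv_nxt, rcv_wnd):
    """RFC 5961 behaviour: only an exact match on RCV.NXT resets."""
    if not in_window(seq, rcv_nxt, rcv_wnd):
        return "drop"
    if seq == rcv_nxt:
        return "reset"
    # In window but not exact: keep the session, ask the real peer to confirm.
    return "challenge_ack"


def resetting_values(handler, rcv_nxt, rcv_wnd, margin=8):
    """Count sequence numbers around the window that the handler resets on."""
    candidates = range(rcv_nxt - margin, rcv_nxt + rcv_wnd + margin)
    return sum(handler(s % MOD, rcv_nxt, rcv_wnd) == "reset" for s in candidates)


if __name__ == "__main__":
    # Constructed receiver state: window placed across the sequence wrap.
    rcv_nxt, rcv_wnd = 0xFFFFFF00, 16384
    for name, handler in (("RFC 793", rfc793_rst), ("hardened", hardened_rst)):
        n = resetting_values(handler, rcv_nxt, rcv_wnd)
        print(f"{name}: {n} of {MOD} sequence numbers reset the session")
```

Under the original rule the accepted range grows with the advertised window; the exact-match rule accepts one value regardless of window size.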

