Vigilante Advisory #10 - Intel Express Switch series 500 crashes when a malformed ICMP packet is sent to the Intel Express Switch or a host behind it. The switch looses all routing functionality but continues to function as a switch, except for the fact that learning also crashes, so new connections are not "picked up". Fix available here.
7256e8c0df1d7ce12f4af0950cdfe91032004217c0851024af0a141e17c70d5aIntel Express Switch series 500 DoS #2
Advisory Code: VIGILANTE-2000010
Release Date:
September 6, 2000
Systems Affected:
Intel Express Switch 510T
- Firmware version 2.63
- Firmware version 2.64
Intel Express Switch 520T
- Firmware version 2.63
- Firmware version 2.64
Intel Express Switch 550T
- Firmware version 2.63
- Firmware version 2.64
Intel Express Switch 550F
- Firmware version 2.63
- Firmware version 2.64
It is likely that older firmware versions are also affected.
THE PROBLEM
By sending a malformed ICMP packet, either to the Intel Express
Switch or a host behind it, the CPU crashes. The switch looses
all routing functionality but continues to function as a switch,
except for the fact that learning also crashes, so new connections
are not "picked up". The packet can be sent from a machine
directly connected to the switch or from a machine not directly
connected to the switch. Since the packet does not require a reply,
the packet can also be spoofed.
A Side Note:
During testing we also found the SNMP command that reboots the
switch, and just as a friendly reminder, please do remember to change
your switch's SNMP community name from the default to something a bit
harder to guess, since the reboot command can also be spoofed.
Vendor Status:
Intel was contacted on the 3rd of September and the vulnerability was
verified by them the following day. The fix was officially released
on the 5th of September.
Fix:
The fix for the Intel Express Switches 510T, 520T, 550T and 550F
is the same, and it can be found at this location:
https://support.intel.com/support/express/switches/500/es5_266.htm
Vendor URL: https://www.intel.com
Product URL:
https://www.intel.com/network/products/express_switches.htm?iid={500_switch}
Copyright VIGILANTe 2000-09-03
Disclaimer:
The information within this document may change without notice. Use of
this information constitutes acceptance for use in an AS IS
condition. There are NO warranties with regard to this information.
In no event shall the author be liable for any consequences whatsoever
arising out of or in connection with the use or spread of this
information. Any use of this information lays within the user's
responsibility.
Feedback:
Please send suggestions, updates, and comments to:
VIGILANTe
mailto: isis@vigilante.com
https://www.vigilante.com
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed