Cayman gateways are vulnerable to a denial of service. An attacker can send a number of TCP connect() requests or SYN packets, in conjunction with a "Bouncing" vulnerability, and can cause a denial of service to the gateway.
The gateway will crash after receiving a number of TCP connect() requests or SYN packets. This can be exploited via the LAN side, and via the WAN side in conjunction with a "bouncing" vulnerability. Installing the newest version will resolve this vulnerability.
A denial of service occurs.
Upgrade to the latest vendor software release.
This vulnerability was discovered by Karim Elmaizi.
This document was written by Jason Rafail.
|Date First Published:||2001-08-27|
|Date Last Updated:||2001-08-27 15:02 UTC|