TITLE:
Nortel Networks Products ICMP Handling Vulnerabilities

SECUNIA ADVISORY ID:
SA15761

VERIFY ADVISORY:
http://secunia.com/advisories/15761/

CRITICAL:
Less critical

IMPACT:
DoS

WHERE:
From remote

OPERATING SYSTEM:
Nortel VPN Routers
http://secunia.com/product/2426/
Nortel Services Edge Router 5500 (formerly Shasta)
http://secunia.com/product/5383/
Nortel Passport 1150 Routing Switch
http://secunia.com/product/2407/
Nortel Multiservice Switch 7400 (formerly Passport)
http://secunia.com/product/2417/
Nortel Multiservice Switch 6400 (formerly Passport)
http://secunia.com/product/2416/
Nortel Multiservice Switch 20000 (formerly Passport)
http://secunia.com/product/2411/
Nortel Multiservice Switch 15000 (formerly Passport)
http://secunia.com/product/2409/
Nortel Multiservice Access Switch 4400 Series (formerly Passport)
http://secunia.com/product/2414/
Nortel Multiprotocol Router 5430 (formerly Passport)
http://secunia.com/product/2415/
Nortel Multiprotocol Router 2430 (formerly Passport)
http://secunia.com/product/2412/
Nortel Ethernet Switch 470 (formerly BayStack)
http://secunia.com/product/5380/
Nortel Ethernet Switch 425 (formerly BayStack)
http://secunia.com/product/4772/
Nortel Ethernet Switch 420-24T (formerly BayStack)
http://secunia.com/product/3131/
Nortel Ethernet Routing Switch 8600 (formerly Passport)
http://secunia.com/product/2421/
Nortel Ethernet Routing Switch 5520 (formerly BayStack)
http://secunia.com/product/5382/
Nortel Ethernet Routing Switch 5510 (formerly BayStack)
http://secunia.com/product/5381/
Nortel Backbone Link Node (BLN) Router
http://secunia.com/product/5386/
Nortel Backbone Concentrator Node (BCN) Router
http://secunia.com/product/5385/
Nortel Application Switches (formerly Alteon)
http://secunia.com/product/2431/
Nortel Advanced Remote Node (ARN) Router (formerly Passport)
http://secunia.com/product/2422/
Nortel Access Stack Node (ASN) Router
http://secunia.com/product/5384/

DESCRIPTION:
Nortel Networks has acknowledged some vulnerabilities in various
products, which can be exploited by malicious people to cause various
types of DoS (Denial of Service).

For more information:
SA14904

The following products are only partly affected:
* Application Switch is only affected on the management port.
* Ethernet Switch (BPS2000/460/470), Ethernet Switch (420/425/325),
  Ethernet Switch 380-24T, and Ethernet Routing Switch 5510/5520 are
  only affected by the ICMP Source Quench attack.
* Multiservice Switch (6000 Series, 7000 Series, 15000, and 20000) is
  at limited risk due to MD5 authentication in PCR 6.1 and improvements
  made to sequence number selection.
* Multiservice Access Switch 4400 is only affected by ICMP source
  quench attacks, but does not typically have high speed interfaces.
* Multiprotocol Router Family is not affected by the ICMP Source Quench
  attack.

SOLUTION:
Application Switch (Alteon Family):
The vendor recommends using the data port instead of the management
port for management traffic or connecting the management port to a
secured segment of the network.

BayStack family of products:
The vendor has reportedly issued a patch.

VPN Router:
The vendor recommends limiting exposure by disabling the few allowed
TCP protocols permitted on the public side if they are not in use
(PPTP, HTTPS, SSL, and LDAP).

Ethernet Routing Switch (Passport 8600 Routing Switch):
Update to release 3.5.10.0 or 3.7.7.0.

Multiservice Access Switch 4400 (formerly Passport 4400):
Update to release 4.3.1.7.3.0, 5.2.0.11.9.0, or 4.0.4.30.8.0.

Ethernet Routing Switch (Passport Family 1100/1150/1200/1250):
A fix is reportedly available.

Services Edge Router (Shasta Family):
The vendor recommends configuring a security IP policy protecting
against these types of attacks.

Multiprotocol Router Family:
Patches are available for the 15.6, 15.5, 15.4, and 14.0 release
streams.

ORIGINAL ADVISORY:
Nortel Networks:
http://www130.nortelnetworks.com/cgi-bin/eserv/cs/main.jsp?level=6&category=29&subcategory=1&subtype=&DocumentOID=326515

OTHER REFERENCES:
SA14904:
http://secunia.com/advisories/14904/

----------------------------------------------------------------------

About:
This Advisory was delivered by Secunia as a free service to help
everybody keep their systems up to date against the latest
vulnerabilities.

Definitions: (Criticality, Where etc.)
http://secunia.com/about_secunia_advisories/

Please Note:
Secunia recommends that you verify all advisories you receive by
clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only
use those supplied by the vendor.

----------------------------------------------------------------------