TITLE:
HP-UX TCP/IP "Rose Attack" Denial of Service Vulnerability

SECUNIA ADVISORY ID:
SA18082

VERIFY ADVISORY:
http://secunia.com/advisories/18082/

CRITICAL:
Moderately critical

IMPACT:
DoS

WHERE:
From remote

OPERATING SYSTEM:
HP-UX 11.x
http://secunia.com/product/138/

DESCRIPTION:
A vulnerability has been reported in HP-UX, which can be exploited by malicious people to cause a DoS (Denial of Service).

The vulnerability is caused by an error in the handling of specially crafted IP fragments. This can be exploited by sending a sequence of specially crafted IP fragments that causes the system to use too many system resources, potentially resulting in a DoS. This is commonly known as the "Rose Attack".

The vulnerability has been reported in versions B.11.00, B.11.04, B.11.11, and B.11.23 running TCP/IP.

SOLUTION:
Apply updates.
http://www.hp.com/go/softwaredepot

HP-UX B.11.00:
Install PHNE_33395 or later, and run "sqmax 1000".

HP-UX B.11.04:
Install PHNE_33427 or later, and run "sqmax 1000".

HP-UX B.11.11:
Install PHNE_31091 or later, and run "sqmax 1000".

HP-UX B.11.23:
Install PHKL_31500.

Alternatively, install IPF-HP revision A.03.05.10.02 or later.

PROVIDED AND/OR DISCOVERED BY:
Reported by vendor.

ORIGINAL ADVISORY:
HPSBUX02087 SSRT4728:
http://www1.itrc.hp.com/service/cki/docDisplay.do?docId=c00579189