From: Steve Goldsby (ICS) (sgoldsby@networkarmor.com)
Date: Thu Jun 12 2003 - 14:38:35 EDT
DGUX 2.x and below definitely die upon port scan, just like old versions
of solaris (syn flood vulnerability).
-----Original Message-----
From: Helmut Springer [mailto:delta@lug-s.org]
Sent: Thursday, June 12, 2003 11:31 AM
To: pen-test@securityfocus.com
Cc: steve.x.jones@royalmail.com
Subject: Re: Port scan causing system crashes
Hi,
On 12 Jun 2003 at 13:23 +0200, steve.x.jones@royalmail.com wrote:
> Please can you help? Has any-one else out there had issues with
> NMAP port scans (or any other port scanner) causing systems to
> crash?
Yes.
> I've done a quick Google search and found confirmation for one of
> the systems - BUGTRAQ Vulnerability 3358, "IBM HACMP Port Scan
> Denial of Service Vulnerability", the other was a bespoke app
> running on some HP UX boxes.
Document ID: HPSBUX0306-264
Date Loaded: 20030604
Title: SSRT3460 Network traffic can cause programs to fail
[...]
A. Background
Certain network traffic can cause programs to fail. An
example of potentially vulnerable program is diagmond.
[...]
> Up til now I've been running port scans happily across our subnets
> to look for rogue FTP, SMTP, HTTP etc, obviously I'll have to take
> more care now...
One might say that you just find systems vulnerable to DoS attacks
this way, but in general scanning a pruduction environment always
carries a risk...
-- MfG/Best Regards, "If we keep our pride... helmut springer Though paradise is lost We will pay the price, But we will not count the cost." ------------------------------------------------------------------------ --- ------------------------------------------------------------------------ ---- --------------------------------------------------------------------------- ----------------------------------------------------------------------------
This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:53:34 EDT