var-199907-0022
Vulnerability from variot
Denial of service in Gauntlet Firewall via a malformed ICMP packet. The vulnerability occurs because Gauntlet Firewall cannot handle a condition where an ICMP Protocol Problem packet's (ICMP_PARAMPROB) encapsulated IP packet has a random protocol field and certain IP options set. The packet structure looks like this: Begin Packet
[NORMAL IP HEADER] [ICMP PARAMPROB HEADER] -- encapsulated ip packet -- [IP HEADER] (important fields in ip header) ip_p = 98 (let's specify a protocol that doesn't exist) ip_hl = 0xf (stuff options)
End Packet An attacker would do the following: Construct the [ip-icmp-ip] packet using a raw socket (SOCK_RAW) with the fields set accordingly, destination set to any machine behind the firewall. Send the packet(s). The number of packets that need to be sent depends on the platform (ie Sol on a Sparc vs BSDI). The consequence of this vulnerability being exploited is the target Gauntlet 5.0 firewall being remotely locked up. It should be expected that an attacker would send packets with spoofed source addresses in the ip header making it difficult to trace
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-199907-0022",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "gauntlet firewall",
"scope": "eq",
"trust": 1.6,
"vendor": "network associates",
"version": "5.0"
},
{
"model": "associates gauntlet firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "network",
"version": "5.0"
},
{
"model": "associates gauntlet firewall",
"scope": "ne",
"trust": 0.3,
"vendor": "network",
"version": "5.5"
}
],
"sources": [
{
"db": "BID",
"id": "556"
},
{
"db": "CNNVD",
"id": "CNNVD-199907-039"
},
{
"db": "NVD",
"id": "CVE-1999-0683"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "First posted to BugTraq by Mike Frantzen \u003cfrantzen@expert.cc.purdue.edu\u003e on July 30, 1999.",
"sources": [
{
"db": "BID",
"id": "556"
}
],
"trust": 0.3
},
"cve": "CVE-1999-0683",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "CVE-1999-0683",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 1.0,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "VHN-665",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:N/I:N/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-1999-0683",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-199907-039",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-665",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-665"
},
{
"db": "CNNVD",
"id": "CNNVD-199907-039"
},
{
"db": "NVD",
"id": "CVE-1999-0683"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Denial of service in Gauntlet Firewall via a malformed ICMP packet. The vulnerability occurs because Gauntlet Firewall cannot handle a condition where an ICMP Protocol Problem packet\u0027s (ICMP_PARAMPROB) encapsulated IP packet has a random protocol field and certain IP options set. \nThe packet structure looks like this:\nBegin Packet\n------------------------------------------\n[NORMAL IP HEADER]\n[ICMP PARAMPROB HEADER]\n-- encapsulated ip packet --\n[IP HEADER]\n(important fields in ip header)\nip_p = 98 (let\u0027s specify a protocol that doesn\u0027t exist)\nip_hl = 0xf (stuff options)\n------------------------------------------\nEnd Packet\nAn attacker would do the following:\nConstruct the [ip-icmp-ip] packet using a raw socket (SOCK_RAW) with the fields set accordingly, destination set to any machine behind the firewall. \nSend the packet(s). \nThe number of packets that need to be sent depends on the platform (ie Sol on a Sparc vs BSDI). \nThe consequence of this vulnerability being exploited is the target Gauntlet 5.0 firewall being remotely locked up. It should be expected that an attacker would send packets with spoofed source addresses in the ip header making it difficult to trace",
"sources": [
{
"db": "NVD",
"id": "CVE-1999-0683"
},
{
"db": "BID",
"id": "556"
},
{
"db": "VULHUB",
"id": "VHN-665"
}
],
"trust": 1.26
},
"exploit_availability": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"reference": "https://www.scap.org.cn/vuln/vhn-665",
"trust": 0.1,
"type": "unknown"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-665"
}
]
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "BID",
"id": "556",
"trust": 2.0
},
{
"db": "NVD",
"id": "CVE-1999-0683",
"trust": 1.7
},
{
"db": "OSVDB",
"id": "1029",
"trust": 1.7
},
{
"db": "CNNVD",
"id": "CNNVD-199907-039",
"trust": 0.7
},
{
"db": "EXPLOIT-DB",
"id": "19441",
"trust": 0.1
},
{
"db": "VULHUB",
"id": "VHN-665",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-665"
},
{
"db": "BID",
"id": "556"
},
{
"db": "CNNVD",
"id": "CNNVD-199907-039"
},
{
"db": "NVD",
"id": "CVE-1999-0683"
}
]
},
"id": "VAR-199907-0022",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-665"
}
],
"trust": 0.01
},
"last_update_date": "2024-11-22T23:00:48.014000Z",
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-Other",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-1999-0683"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.7,
"url": "http://www.securityfocus.com/bid/556"
},
{
"trust": 2.7,
"url": "http://www.osvdb.org/1029"
},
{
"trust": 0.1,
"url": ""
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-665"
},
{
"db": "CNNVD",
"id": "CNNVD-199907-039"
},
{
"db": "NVD",
"id": "CVE-1999-0683"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-665"
},
{
"db": "BID",
"id": "556"
},
{
"db": "CNNVD",
"id": "CNNVD-199907-039"
},
{
"db": "NVD",
"id": "CVE-1999-0683"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "1999-07-30T00:00:00",
"db": "VULHUB",
"id": "VHN-665"
},
{
"date": "1999-07-30T00:00:00",
"db": "BID",
"id": "556"
},
{
"date": "1999-07-30T00:00:00",
"db": "CNNVD",
"id": "CNNVD-199907-039"
},
{
"date": "1999-07-30T04:00:00",
"db": "NVD",
"id": "CVE-1999-0683"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2008-09-09T00:00:00",
"db": "VULHUB",
"id": "VHN-665"
},
{
"date": "1999-07-30T00:00:00",
"db": "BID",
"id": "556"
},
{
"date": "2005-05-02T00:00:00",
"db": "CNNVD",
"id": "CNNVD-199907-039"
},
{
"date": "2024-11-20T23:29:13.477000",
"db": "NVD",
"id": "CVE-1999-0683"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-199907-039"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Gauntlet Firewall Decline service vulnerability",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-199907-039"
}
],
"trust": 0.6
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "unknown",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-199907-039"
}
],
"trust": 0.6
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…