Multiple Vendor *BSD Unaligned IP Option Denial of Service Vulnerability

1. Download, compile, and install libnet. It can be obtained from
http://www.packetfactory.net

2. Download and compile the ISIC suite of utilities. They are at
http://expert.cc.purdue.edu/~frantzen

3. After compiling the isic utilities, run the following from your shell of choice:
'icmpsic -s source -d dest -r 31337 -k 218504 -p 218505'

where source is the source IP address (spoofed addresses work just fine), and dest is the IP address of the NetBSD machine.

NOTE: For whatever reason, Linux mangles this packet before sending it. We have found that it does work correctly when sent from FreeBSD x86, NetBSD x86, and NetBSD arm32.
An exploit for FreeBSD is linked to below:


 

Privacy Statement
Copyright 2010, SecurityFocus