Ascend UDP DoS


SNI-26 Ascend Advisory


The following exploit script was posted to http://www.rootshell.com

/*
 * Ascend Kill II - C version
 *
 * (C) 1998 Rootshell - http://www.rootshell.com/ 
 *
 * Distribute freely.
 *
 * Released: 3/16/98
 *
 * Thanks to Secure Networks.  See SNI-26: Ascend Router Security Issues
 * (http://www.secnet.com/sni-advisories/sni-26.ascendrouter.advisory.html)
 *
 * Sends a specially constructed UDP packet on the discard port (9)
 * which cause Ascend routers to reboot.  (Warning! Ascend routers will
 * process these if they are broadcast packets.)
 *
 * Compiled under RedHat 5.0 with glibc.
 *
 * NOTE: This program is NOT to be used for malicous purposes.  This is
 *       intenteded for educational purposes only.  By using this program
 *       you agree to use this for lawfull purposes ONLY.
 *
 * It is worth mentioning that Ascend has known about this bug for quite
 * some time.
 *
 * Fix:
 *
 * Filter inbound UDP on port 9.
 *
 */

#include 
#include 
#include 
#include 
#include 
#include 
#include 
#include 
#include 
#include 
#include 

[code snipped...]

  if (argc != 3)
    errs ("Usage: %s  \n", argv[0]);

[code snipped...]

=-=

From kit@CONNECTNET.COM Tue Mar 17 19:48:59 1998
From: Kit Knox 
To: BUGTRAQ@NETSPACE.ORG
Date: Tue, 17 Mar 1998 08:47:20 -0800
Subject: Ascend Kill II - perl version

This is for everyone who had problems with the Linux only version in C.
This should be pretty cross platform.  (Requires perl 5.x)

#!/usr/bin/perl

[perl DoS script snipped...]