Xylogics 64 char ping DoS


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

OSIRIS 

Open Systems
Incident Response 
and Investigation Strategies
_________________________________________________________________

***OSIRIS CRITICAL ALERT*** - PLEASE READ IMMEDIATELY
_________________________________________________________________

ALERT NUMBER: o089842

DATE:  August 8, 1998
_________________________________________________________________
   
***EXECUTIVE SUMMARY***

LIST: TCP/IP

PLATFORM: Annex terminal servers from xylogics(bay).

THREAT: Ping attacks with more than 64 characters in the host name will result in a Denial of service
and system crash on these system.  Also, two or more consecutive land attacks will freeze the system
by utilizing the CPU resources. 

VULNERABILITY: Annex terminal servers from BAY are vulnerable.  The consecutive land attack only needs
a simple shell script that execute the land attack several times. 

IMPACT: The Annex terminal servers will crash.

FIX: NONE

SOURCE: BUGTRAQ

KEYWORDS: 

- ----------
DETAILS. . . 




Further Information is available at:
osiris@infosectechnologies.com
________________________________________________________________
- - OSIRIS is a service of OSIRIS Partners, LLP
- - OSIRIS subscribers may contact the OSIRIS team by e-mail at
  osiris@versalink.com.  
- - The OSIRIS team, in partnership with InfoSEC Technologies 
  provides on-site response assistance in the event of a security 
  incident.  For information e-mail info@infosectechnologies.com. 
- - For emergency response send a brief (140 or fewer characters) 
  e-mail message to: pageprs@versalink.com. 
- - On site Intrusion Management and incident investigation training 
  is provided in cooperation with the Computer Security Institute.  
  For information e-mail: psalaway@mfi.com.




===========================================================
	Nan Poulios				http://www.infosectechnologies.com
	
	248-650-2699				248-375-2315 - FAX
		  
For my PGP Public Key: http://www.infosectechnologies.com/keys/np-pgp.htm 
===========================================================

-----BEGIN PGP SIGNATURE-----
Version: PGP for Personal Privacy 5.5.2

iQA/AwUBNcxKpkMSkfNGu+BjEQImtACfcM+keSGnmRr0d9LJ5Kdm32XnCzMAoL2H
gEskxwpKTbRErUB4+fYWjVQk
=3nbt
-----END PGP SIGNATURE-----