CVE

Id
193  
CVE No.
CVE-1999-0193  
Status
Candidate  
Description
Denial of service in Ascend and 3com routers, which can be rebooted by sending a zero length TCP option.  
Phase
Proposed (19990714)  
Votes
ACCEPT(5) Bishop, Cole, Northcutt, Ozancin, Shostack | MODIFY(2) Baker, Blake | NOOP(4) Armstrong, Frech, Landfield, Wall | REVIEWING(2) Christey, Levy  
Comments
Frech> possibly XF:ascend-kill | I can"t find a reference that lists both routers in the same reference. | Wall> Comment: There is a reference about the zero length TCP option in BugTraq on | Feb 5, 1999 | and it mentions Cisco, but not directly Ascend or 3Com. CIAC Advisory I-038 | mentions | vulnerabilities in Ascend, but does not mention TCP. CIAC Advisory I-052 | mentions | 3Com vulnerabilities, but not TCP. Too confusing withour better references. | Landfield> What are the references for this ? I cannot find a means to check it out. | CHANGE> [Frech changed vote from REVIEWING to NOOP] | Frech> Cannot reconcile to our database without further references. | Blake> I"m with Andre. I only remember and can find reference to the Ascend | issue. Do we have a refernce to the 3Coms? If not, that should be | removed from the description. | Baker> http://xforce.iss.net/static/614.php Misc Defensive Info | http://www.securityfocus.com/archive/1/5682 Misc Offensive Info | http://www.securityfocus.com/archive/1/5647 Misc Defensive Info | http://www.securityfocus.com/archive/1/5640 Misc Defensive Info | CHANGE> [Armstrong changed vote from REVIEWING to NOOP]  

Actions

Related CVE References

Related JVN