CVE
- Id
- 256
- CVE No.
- CVE-1999-0257
- Status
- Candidate
- Description
- Nestea variation of teardrop IP fragmentation denial of service.
- Phase
- Proposed (19990726)
- Votes
- ACCEPT(1) Wall | MODIFY(1) Frech | REVIEWING(1) Christey
- Comments
- Frech> XF:nestea-linux-dos | Christey> Not sure how many separate "instances" of Teardrop | and its ilk. Also see comments on CVE-1999-0001. | | See: CVE-1999-0015, CVE-1999-0104, CVE-1999-0257, CVE-1999-0258 | | Is CVE-1999-0001 the same as CVE-1999-0052? That one is related | to nestea (CVE-1999-0257) and probably the one described in | BUGTRAQ:19981023 nestea v2 against freebsd 3.0-Release | The patch for nestea is in ip_input.c around line 750. | The patches for CVE-1999-0001 are in lines 388&446. So, | CVE-1999-0001 is different from CVE-1999-0257 and CVE-1999-0052. | The FreeBSD patch for CVE-1999-0052 is in line 750. | So, CVE-1999-0257 and CVE-1999-0052 may be the same, though | CVE-1999-0052 should be RECAST since this bug affects Linux | and other OSes besides FreeBSD. | | Also see BUGTRAQ:19990909 CISCO and nestea. | | Finally, note that there is no fundamental difference between | nestea and nestea2/nestea-v2; they are different ports that | exploit the same problem. | | The original nestea advisory is at | http://www.technotronic.com/rhino9/advisories/06.htm | but notice that the suggested fix is in line 375 of | ip_fragment.c, not ip_input.c. | Christey> See the SCO advisory at: | http://www.securityfocus.com/templates/advisory.html?id=1411 | which may further clarify the issue. | Christey> BUGTRAQ:19980501 nestea does other things | http://marc.theaimsgroup.com/?l=bugtraq&m=90221101925819&w=2 | BUGTRAQ:19980508 nestea2 and HP Jet Direct cards. | URL:http://marc.theaimsgroup.com/?l=bugtraq&m=90221101925870&w=2 | BUGTRAQ:19981027 nestea v2 against freebsd 3.0-Release | URL:http://marc.theaimsgroup.com/?l=bugtraq&m=90951521507669&w=2 | | Nestea source code is in | MISC:http://oliver.efri.hr/~crv/security/bugs/Linux/ipfrag6.html
