Vigil@nce - ICMP: denial of service via ICMP Type 3 Code 3, BlackNurse
January 2017 by Vigil@nce
This bulletin was written by Vigil@nce: https://vigilance.fr/offer
SYNTHESIS OF THE VULNERABILITY
An attacker can send numerous ICMP Type 3 Code 3 packets to some
routers/firewalls, in order to trigger a denial of service.
Impacted products: ASA, IOS by Cisco, Cisco Router, FortiGate,
FortiGate Virtual Appliance, FortiOS, Palo Alto Firewall PA***,
PAN-OS.
Severity: 2/4.
Creation date: 16/11/2016.
DESCRIPTION OF THE VULNERABILITY
The ICMP protocol uses packets of Type 3 Code 3 to announce that a
port is unreachable. This packet is usually sent as a reply to the
sender of a packet sent to a closed TCP/UDP port.
However, when numerous ICMP Type 3 Code 3 packets are received,
some devices uselessly consume many resources to process them.
An attacker can therefore send numerous ICMP Type 3 Code 3 packets
to some routers/firewalls, in order to trigger a denial of service.
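As an added illustration that is not part of the Vigil@nce bulletin, the following Python detection logic parses raw IPv4/ICMP packets, counts Type 3 Code 3 packets per source address within a time window, and flags any source whose count reaches a threshold, run here over a constructed capture. The addresses, the 100-packets-per-second threshold and the (timestamp, bytes) record format are assumptions chosen for the example.

```python
import struct
from collections import defaultdict

ICMP_DEST_UNREACH = 3   # ICMP Type 3: Destination Unreachable
CODE_PORT_UNREACH = 3   # Code 3: Port Unreachable

def parse_icmp(raw):
    """Return (src_ip, icmp_type, icmp_code) for a raw IPv4/ICMP packet, else None."""
    if len(raw) < 20 or raw[0] >> 4 != 4:
        return None
    ihl = (raw[0] & 0x0F) * 4
    if raw[9] != 1 or len(raw) < ihl + 4:      # IP protocol number 1 = ICMP
        return None
    src_ip = ".".join(str(b) for b in raw[12:16])
    icmp_type, icmp_code = struct.unpack("!BB", raw[ihl:ihl + 2])
    return src_ip, icmp_type, icmp_code

def detect_icmp33_flood(records, window_s=1.0, threshold=100):
    """records: iterable of (timestamp, raw_ipv4_bytes), e.g. read from a pcap.
    Returns sorted [(src_ip, window_index, count)] for every source whose
    Type 3 Code 3 count inside one window reaches the threshold (assumed value)."""
    counts = defaultdict(int)
    for ts, raw in records:
        parsed = parse_icmp(raw)
        if parsed is None:
            continue
        src_ip, icmp_type, icmp_code = parsed
        if icmp_type == ICMP_DEST_UNREACH and icmp_code == CODE_PORT_UNREACH:
            counts[(src_ip, int(ts // window_s))] += 1
    return sorted((s, w, n) for (s, w), n in counts.items() if n >= threshold)

def make_record(ts, src_ip, icmp_type, icmp_code):
    """Constructed sample record: minimal IPv4 + ICMP header, checksums left zero."""
    src = bytes(int(o) for o in src_ip.split("."))
    dst = bytes([192, 0, 2, 1])                 # constructed firewall address
    icmp = struct.pack("!BBHI", icmp_type, icmp_code, 0, 0)
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(icmp), 0, 0, 64, 1, 0, src, dst)
    return ts, ip + icmp

# Constructed capture: 150 Type 3 Code 3 packets from one source within one
# second, plus a single legitimate port-unreachable and an echo request.
SAMPLE = [make_record(i * 0.005, "198.51.100.7", 3, 3) for i in range(150)]
SAMPLE += [make_record(0.40, "203.0.113.9", 3, 3), make_record(0.41, "203.0.113.9", 8, 0)]

if __name__ == "__main__":
    for src_ip, window, n in detect_icmp33_flood(SAMPLE):
        print(f"possible ICMP 3/3 flood: {n} packets from {src_ip} in window {window}")
```

The single port-unreachable from the second source stays below the threshold, so only the flooding source is reported; on a real sensor the threshold should be tuned to the device's observed baseline.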
ACCESS TO THE COMPLETE VIGIL@NCE BULLETIN
https://vigilance.fr/vulnerability/ICMP-denial-of-service-via-ICMP-Type-3-Code-3-BlackNurse-21138