RE: Port scan causing system crashes

From: Steve Goldsby (ICS) (sgoldsby_at_networkarmor.com)
Date: 06/12/03

  • Next message: Renaud Deraison: "Re: Port scan causing system crashes" 
    Date: Thu, 12 Jun 2003 13:38:35 -0500
To: "Helmut Springer" <delta@lug-s.org>, <pen-test@securityfocus.com>

    DGUX 2.x and below definitely die upon port scan, just like old versions
    of solaris (syn flood vulnerability).

    -----Original Message-----
    From: Helmut Springer [mailto:delta@lug-s.org]
    Sent: Thursday, June 12, 2003 11:31 AM
    To: pen-test@securityfocus.com
    Cc: steve.x.jones@royalmail.com
    Subject: Re: Port scan causing system crashes

    Hi,

    On 12 Jun 2003 at 13:23 +0200, steve.x.jones@royalmail.com wrote:
    > Please can you help? Has any-one else out there had issues with
    > NMAP port scans (or any other port scanner) causing systems to
    > crash?

    Yes.

    > I've done a quick Google search and found confirmation for one of
    > the systems - BUGTRAQ Vulnerability 3358, "IBM HACMP Port Scan
    > Denial of Service Vulnerability", the other was a bespoke app
    > running on some HP UX boxes.

      Document ID: HPSBUX0306-264
      Date Loaded: 20030604
            Title: SSRT3460 Network traffic can cause programs to fail
      [...]
       A. Background
          Certain network traffic can cause programs to fail. An
          example of potentially vulnerable program is diagmond.
      [...]

    > Up til now I've been running port scans happily across our subnets
    > to look for rogue FTP, SMTP, HTTP etc, obviously I'll have to take
    > more care now...

    One might say that you just find systems vulnerable to DoS attacks
    this way, but in general scanning a pruduction environment always
    carries a risk... 

    -- 
MfG/Best Regards,                  "If we keep our pride...
helmut springer                     Though paradise is lost
                                    We will pay the price,
                                    But we will not count the cost."
------------------------------------------------------------------------
---
------------------------------------------------------------------------
----
---------------------------------------------------------------------------
----------------------------------------------------------------------------
  • Next message: Renaud Deraison: "Re: Port scan causing system crashes"

    Relevant Pages

    • RE: Port scan causing system crashes
      ... Security Engineer ... Port scan causing system crashes ... Has any-one else out there had issues with NMAP port scans ... BUGTRAQ Vulnerability 3358, "IBM HACMP Port Scan Denial of Service Vulnerability", ...
      (Pen-Test)
    • Crackers Targeting Web JetAdmin 6.5 Vulnerability
      ... via a vulnerability in HP Web JetAdmin 6.5 (default port of 8000/tcp). ... The specific vulnerability is referenced at the following URL: ... The backdoor kit that was downloaded was just under 1MB, and when run, ...
      (Incidents)
    • Re: pen test
      ... you pen test your host, I could have said ask them, but instead provided ... of a Vulnerability Identification step of a Risk Management plan. ... **System security testing, using methods such as automated vulnerability ... For example, an open port, let's say, port 80 is open on your host. ...
      (Security-Basics)
    • Re: pen test
      ... of a Vulnerability Identification step of a Risk Management plan. ... **System security testing, using methods such as automated vulnerability ... just need to VM the box and pen test if off the VM not the live. ... For example, an open port, let's say, port 80 is open on your host. ...
      (Security-Basics)
    • [NEWS] Novell Border Manager Multiple Vulnerabilities
      ... Multiple vulnerabilities identified in Novell Border Manager 3.6. ... The first vulnerability is within the FTP-proxy server of BM 3.6. ... The second vulnerability is in the IP/IPX gateway on tcp port 8225. ...
      (Securiteam)