COMMAND

	Fore/Marconi ATM Switch \'land\' vulnerability

SYSTEMS AFFECTED

	Versions FT6.1.1 and FT7.0.1

PROBLEM

	Seeker of Truth [seeker_sojourn@hotmail.com] found following:
	

	Labratory testing indicates that a single \'land\' packet  sent  to  the
	telnet port (23) of either the  inband  or  out-of-band  interface  will
	cause the device to stop responding to ip traffic. Over  the  course  of
	6-1/2 minutes, all CPU will be consumed and device reboots.
	

	Basically a packet is forged with the source and destination IP  address
	and ports identical.
	

	We reproduced it using Internet Security Scanner 6.01 and  the  \'land\'
	and \'ciscoland\' tests. Many sources and derivatives are  available  on
	public security websites.
	

	It\'s a TCP/IP stack bug that\'s been known since 1997.  Here  are  some
	links
	

	http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-1999-0016
	http://www.cert.org/advisories/CA-1997-28.html
	

	Vendor notified one year ago today :-)

SOLUTION

	Nothing yet.