CVE-ID

CVE-1999-0257

• Severity Rating • Fix Information • Vulnerable Software Versions • SCAP Mappings
Description
Nestea variation of teardrop IP fragmentation denial of service.
References
Note: References are provided for the convenience of the reader to help distinguish between vulnerabilities. The list is not intended to be complete.
Date Entry Created
19990607 Disclaimer: The entry creation date may reflect when the CVE-ID was allocated or reserved, and does not necessarily indicate when this vulnerability was discovered, shared with the affected vendor, publicly disclosed, or updated in CVE.
Phase (Legacy)
Proposed (19990726)
Votes (Legacy)
ACCEPT(1) Wall
MODIFY(1) Frech
REVIEWING(1) Christey
Comments (Legacy)
 Frech> XF:nestea-linux-dos
 Christey> Not sure how many separate "instances" of Teardrop
   and its ilk.  Also see comments on CVE-1999-0001.
   
   See: CVE-1999-0015, CVE-1999-0104, CVE-1999-0257, CVE-1999-0258
   
   Is CVE-1999-0001 the same as CVE-1999-0052?  That one is related
   to nestea (CVE-1999-0257) and probably the one described in
   BUGTRAQ:19981023 nestea v2 against freebsd 3.0-Release
   The patch for nestea is in ip_input.c around line 750.
   The patches for CVE-1999-0001 are in lines 388&446.  So, 
   CVE-1999-0001 is different from CVE-1999-0257 and CVE-1999-0052.
   The FreeBSD patch for CVE-1999-0052 is in line 750.
   So, CVE-1999-0257 and CVE-1999-0052 may be the same, though
   CVE-1999-0052 should be RECAST since this bug affects Linux
   and other OSes besides FreeBSD.
   
   Also see BUGTRAQ:19990909 CISCO and nestea.
   
   Finally, note that there is no fundamental difference between
   nestea and nestea2/nestea-v2; they are different ports that
   exploit the same problem.
   
   The original nestea advisory is at
   http://www.technotronic.com/rhino9/advisories/06.htm
   but notice that the suggested fix is in line 375 of
   ip_fragment.c, not ip_input.c.
 Christey> See the SCO advisory at:
   http://www.securityfocus.com/templates/advisory.html?id=1411
   which may further clarify the issue.
 Christey> BUGTRAQ:19980501 nestea does other things
   http://marc.theaimsgroup.com/?l=bugtraq&m=90221101925819&w=2
   BUGTRAQ:19980508 nestea2 and HP Jet Direct cards.
   URL:http://marc.theaimsgroup.com/?l=bugtraq&m=90221101925870&w=2
   BUGTRAQ:19981027 nestea v2 against freebsd 3.0-Release
   URL:http://marc.theaimsgroup.com/?l=bugtraq&m=90951521507669&w=2
   
   Nestea source code is in
   MISC:http://oliver.efri.hr/~crv/security/bugs/Linux/ipfrag6.html

Proposed (Legacy)
19990726
This is an entry on the CVE list, which standardizes names for security problems.