[ SOURCE: http://www.secureroot.com/security/advisories/9677979017.html ]

Intel Express Switch 500 series DoS



Advisory Code:   VIGILANTE-2000007



Release Date:

August 28, 2000



Systems Affected:

Intel Express Switch 550F

- Firmware version 2.63

- Firmware version 2.64

Based on the response from Intel (quoted below), it is very likely that

other switches from the same series are also affected.



THE PROBLEM

By sending an IP packet, either to the Intel Express 550F or a host behind

it, with a malformed IP-header, the box crashes. To restart it, you need

to pull the plug (the reset button also looses functionality).



Vendor Status:

Intel was contacted on the 18th of July, and on the 21st of July a beta fix

was produced. Regression testing on the fix is not yet complete.



Fix (quote from the vendor):

"We're still working on a solution for you. Until then, I would advise that

any reporting, from you/your company, of this issue with the 500 series

switches MUST include a statement which indicates contacting Intel® Customer

Support for a fix. Following this, Intel® Customer Support will send the

patch to the customer(s).



For a list of phone numbers to get in touh with us, please refer to the

following URL: http://www.intel.com/support/9089.htm"





Vendor   URL: http://www.intel.com

Product  URL: http://www.intel.com/network/products/exp550t_f.htm

Copyright VIGILANTe 2000-07-14



Disclaimer:

The information within this document may change without notice. Use of

this information constitutes acceptance for use in an AS IS

condition. There are NO warranties with regard to this information.

In no event shall the author be liable for any consequences whatsoever

arising out of or in connection with the use or spread of this

information. Any use of this information lays within the user's

responsibility.



Feedback:

Please send suggestions, updates, and comments to:



VIGILANTe

mailto: swat@vigilante.com

http://www.vigilante.com