A leading computer security group is warning
individuals who use computer running certain variants of the UNIX operating
system that they could be susceptible to a TCP/IP hack.
The Computer Emergency Response Team
Coordination Center, or CERT, warned earlier this week that certain
versions of the Free BSD and Berkeley Software Design version of UNIX are
vulnerable.
CERT said intruders who construct a sequence of packets with certain
characteristics can cause vulnerable systems to crash, hang or behave
unpredictably. CERT did not detail the characteristics necessary for the
attacks to be successful. The organization said the attack has similar
effects to other well-known denial-of-service vulnerabilities.
The organization urged network administrators using the affected systems to
configure their routers or firewalls to reduce hackers’ ability to spoof
source addresses.
“Currently, the best method to reduce the number of IP-spoofed packets
exiting your network is to install filtering on your routers that require
packets leaving your network to have a source address from your internal
network. This type of filter prevents a source IP-spoofing attack from your
site by filtering all outgoing packets that contain a source address of a
different network,” CERT’s advisory said.
A detailed list of vendors whose products are affected is available here.