Cisco Security

IP options-Bad Option List

 
Signature ID: 1000/0
Original Release: S2
Release: S2 (download)
Original Release Date: 2001 February 02
Latest Release Date: 2001 February 02
Default Enabled: False
Default Retired: True
CVE: CVE-1999-0016, CVE-2004-0230, CVE-2004-0790, CVE-2004-0791, CVE-2004-1060, CVE-2005-0048, CVE-2005-0065, CVE-2005-0066, CVE-2005-0067, CVE-2005-0068, CVE-2005-0688, CVE-2005-1649
BugTraq ID: 10183, 13116, 13124, 13658, 2666
Alarm Severity: Informational
Fidelity: 75

Description

Triggers on receipt of an IP datagram in which the list of IP options in the datagram header is incomplete or malformed. The IP options list contains one or more options that perform various network management or debugging tasks. The first field of each option in the list is an eight-bit code field that is broken into three subfields:

COPY (Bit 0): Tells routers whether the option information should be included in fragment headers.

CLASS (Bits 1-2): Specifies one of two valid option classes: Network Control or Debugging.

NUMBER (Bits 3-7): Specifies one of eight valid IP options. Option zero indicates end of list.

No known exploits purposely incorporate this option. This does not preclude the possibility that exploits exist outside of Cisco Systems' knowledge domain or that poorly written hacker code may produce malformed datagrams.
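The following is an added example, not Cisco's signature logic: a minimal validator that decodes the COPY, CLASS and NUMBER subfields described above and reports an incomplete or malformed option list. The function names and sample headers are constructed for illustration; the single-octet handling of options 0 and 1 and the minimum option length of 2 follow RFC 791.

```python
def decode_option_type(octet):
    """Split the option code octet into (COPY, CLASS, NUMBER).
    The page counts bits from the most significant end, so bit 0 is 0x80."""
    return (octet >> 7) & 0x1, (octet >> 5) & 0x3, octet & 0x1F


def check_ip_options(packet):
    """Walk the option list of an IPv4 header.
    Returns (options, error); error is None when the list is well formed."""
    if len(packet) < 20:
        return [], "truncated IPv4 header"
    header_len = (packet[0] & 0x0F) * 4          # IHL is counted in 32-bit words
    if header_len < 20 or header_len > len(packet):
        return [], "invalid header length"
    area = packet[20:header_len]                 # options sit after the fixed 20 bytes
    options, i = [], 0
    while i < len(area):
        fields = decode_option_type(area[i])
        if area[i] in (0, 1):                    # End of List / No Operation: one octet
            options.append(fields + (1,))
            if area[i] == 0:
                break                            # anything after End of List is padding
            i += 1
            continue
        if i + 1 >= len(area):
            return options, "option at offset %d has no length octet" % i
        length = area[i + 1]                     # counts the code and length octets too
        if length < 2:
            return options, "option at offset %d has length %d, below the minimum of 2" % (i, length)
        if i + length > len(area):
            return options, "option at offset %d overruns the header" % i
        options.append(fields + (length,))
        i += length
    return options, None


def sample_header(option_bytes):
    """Constructed test input: a zeroed IPv4 header carrying the given option bytes."""
    assert len(option_bytes) % 4 == 0
    return bytes([0x40 | (5 + len(option_bytes) // 4)]) + bytes(19) + option_bytes


# Constructed samples: Record Route followed by End of List, then two malformed lists.
GOOD = sample_header(bytes([7, 7, 4, 0, 0, 0, 0, 0]))
OVERRUN = sample_header(bytes([0x83, 12, 4, 0]))      # declared length exceeds the header
ZERO_LEN = sample_header(bytes([0x44, 0, 0, 0]))      # length octet below the minimum

if __name__ == "__main__":
    for name, pkt in (("good", GOOD), ("overrun", OVERRUN), ("zero-length", ZERO_LEN)):
        print(name, check_ip_options(pkt))
```

The length check matters beyond alerting: a parser that advances by an unchecked length octet can read past the header or fail to advance at all.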

Recommended Filter

No recommended filters.

Benign Triggers

There is no legitimate use for malformed datagrams. This may be indicative of systems that are experiencing problems with their kernel or NIC cards. This is unusual traffic and warrants investigation.

Download

To download this and other IPS update files, please go to Cisco Secure Software Download.
