ICMP Netmask Request Information Disclosure

low Nessus Plugin ID 10113

Synopsis

The remote host is affected by an information disclosure vulnerability.

Description

The remote host answers to an ICMP_MASKREQ query and responds with its netmask. An attacker can use this information to understand how your network is set up and how routing is done. This may help him to bypass your filters.

Solution

Reconfigure the remote host so that it does not answer to those requests. Set up filters that deny ICMP packets of type 17.

Plugin Details

Severity: Low

ID: 10113

File Name: icmp_mask_req.nasl

Version: 1.44

Type: remote

Family: General

Published: 7/29/1999

Updated: 5/3/2024

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 4.2

CVSS v2

Risk Factor: Low

Base Score: 2.1

Vector: CVSS2#AV:L/AC:L/Au:N/C:P/I:N/A:N

CVSS Score Source: CVE-1999-0524

Vulnerability Information

Vulnerability Publication Date: 1/1/1995

Reference Information

CVE: CVE-1999-0524

CWE: 200