Source Routed Packet Weakness

info Nessus Plugin ID 11834

Language:

Synopsis

The remote host accepts loose source routed IP packets.

Description

The remote host accepts loose source routed IP packets.
The feature was designed for testing purpose.

An attacker may use it to circumvent poorly designed IP filtering and exploit another flaw. However, it is not dangerous by itself.

Solution

Drop source routed packets on this host or on other ingress routers or firewalls.

See Also

http://www.faqs.org/faqs/cisco-networking-faq/section-23.html

Plugin Details

Severity: Info

ID: 11834

File Name: source_routed.nasl

Version: 1.26

Type: remote

Family: Firewalls

Published: 9/9/2003

Updated: 3/6/2019

Supported Sensors: Nessus