BSA-2017-221
21547
31 March 2017
31 March 2017
Closed
N/A
N/A
N/A
CVE-2016-7428
Summary
Security Advisory ID : BSA-2017-221
Component : Low bandwidth ICMP attack
Revision : 1.0: Interim
Blacknurse is a low bandwidth ICMP attack that is capable of doing denial of service to well knownfirewalls.Most ICMP attacks that we see are based on ICMP Type 8 Code 0 also called a ping flood attack. BlackNurse is based on ICMP with Type 3 Code 3 packets. We know that when a user has allowed ICMP Type 3 Code 3 to outside interfaces, the BlackNurse attack becomes highly effective even at low bandwidth.
Affected Products
Product | Current Assessment |
---|---|
Brocade 5400 vRouter | Impacted: Fixed in 6.7R12. |
Brocade 5600 vRouter | Impacted: Fixed in 5.2R1. |
Products Confirmed Not Vulnerable
Brocade Fabric OS, Brocade FastIron OS, Brocade NetIron OS, Brocade Network Advisor, Brocade Network OS, Brocade SDN Controller, Brocade ServerIron ADX, Brocade Services Director, Brocade SLX-OS, Brocade Virtual ADX, Brocade Virtual Traffic Manager: Software, and Brocade Virtual Web Application Firewall are confirmed not affected by this vulnerability.
Workaround
There are no workarounds that address this vulnerability.
Revision History
Version | Change | Date |
---|---|---|
1.0 | Initial Publication | March 31, 2017 |