VULHUB ™

A potential denial of service exists in Hewlett-Packard's proprietary protocol for discovering the maximum path MTU (PMTU) for a give connection. This feature could potentially be used to cause denial of services, using HPUX machines as "amplifiers." Essentially, HP machines which are vulnerable can, under certain conditions, be coerced in to sending far more data outbound than they receive inbound. By forging source addresses, it is possible to send a small quantity of packets purporting to be from a given source, and cause the HPUX machine to send multiple packets in response. This could potentially be used as a denial of service. HP's proprietary path discover protocol works by sending data in parallel with ICMP packets being used for path discovery. While exact details of the nature of the denial of service were not made public, presumably it could be possible to utilize UDP packets, and default UDP services to start the chain of events leading to a denial of service

A potential denial of service exists in Hewlett-Packard's proprietary protocol for discovering the maximum path MTU (PMTU) for a give connection. This feature could potentially be used to cause denial of services, using HPUX machines as "amplifiers." Essentially, HP machines which are vulnerable can, under certain conditions, be coerced in to sending far more data outbound than they receive inbound. By forging source addresses, it is possible to send a small quantity of packets purporting to be from a given source, and cause the HPUX machine to send multiple packets in response. This could potentially be used as a denial of service. HP's proprietary path discover protocol works by sending data in parallel with ICMP packets being used for path discovery. While exact details of the nature of the denial of service were not made public, presumably it could be possible to utilize UDP packets, and default UDP services to start the chain of events leading to a denial of service