SecurityTracker.com
    Home    |    View Topics    |    Search    |    Contact Us    |   

SecurityTracker
Archives


 


Category:   Device (Embedded Server/Appliance)  >   Intel Ethernet Controller Vendors:   Intel
Intel 82574L Ethernet Controller Packet Processing Flaw Lets Remote Users Deny Service
SecurityTracker Alert ID:  1028089
SecurityTracker URL:  http://securitytracker.com/id/1028089
CVE Reference:   CVE-2013-1634   (Links to External Site)
Updated:  Feb 12 2013
Original Entry Date:  Feb 6 2013
Impact:   Denial of service via network
Fix Available:  Yes  Vendor Confirmed:  Yes  Exploit Included:  Yes  
Version(s): Model 82574L
Description:   A vulnerability was reported in the Intel 82574L Ethernet Controller, as configured on some motherboards. A remote user can cause denial of service conditions.

A remote user can send specially crafted data to cause the target device to crash. A network layer packet (layer 3) containing certain values at certain offsets within the Ethernet frame can trigger the flaw.

A power cycle is required to return the system to normal operation.

Only some (unspecified) motherboards are affected. The vulnerability is due to a misconfigured EEPROM on the motherboard and not in the Intel Ethernet Controller itself. Motherboards configured by the motherboard manufacturer in accordance with Intel's design guidelines are not affected.

The original advisory is available at:

http://blog.krisk.org/2013/02/packets-of-death.html

Kristian Kielhofner reported this vulnerability.

Impact:   A remote user can cause the target controller to crash.
Solution:   Motherboards with correctly configured EEPROM images are not affected.

The vendor's advisory is available at:

http://communities.intel.com/community/wired/blog/2013/02/07/intel-82574l-gigabit-ethernet-controller-statement

Vendor URL:  communities.intel.com/community/wired/blog/2013/02/07/intel-82574l-gigabit-ethernet-controller-statement (Links to External Site)
Cause:   State error

Message History:   None.


 Source Message Contents



[Original Message Not Available for Viewing]


Go to the Top of This SecurityTracker Archive Page





Home   |    View Topics   |    Search   |    Contact Us

This web site uses cookies for web analytics. Learn More

Copyright 2020, SecurityGlobal.net LLC