Palm OS ICMP_ECHO packets denial of service

palmos-icmp-echo-dos (12011)

Low Risk

Description:

Palm OS is vulnerable to a denial of service. If a remote attacker sends a continuous stream of ICMP_ECHO packets to an affected system, the CPU usage would increase to 100%, which would cause the system to stop responding. The system regains normal functionality once the attacker stops sending the packets or the system is restarted.

Platforms Affected:

• Palm, Palm OS

Remedy:

No remedy available as of November 29, 2008.

Consequences:

Denial of Service

References:

• BugTraq Mailing List, Wed May 14 2003 - 11:14:14 CDT , PalmOS ICMP flood DoS. at http://archives.neohapsis.com/archives/bugtraq/2003-05/0154.html.
• BID-7597: PalmOS ICMP Flood Remote Denial Of Service Vulnerability
• CVE-2003-0293: PalmOS allows remote attackers to cause a denial of service (CPU consumption) via a flood of ICMP echo request (ping) packets.

Reported:

May 14, 2003

The information within this database may change without notice. Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. In no event shall the author/distributor (Internet Security Systems X-Force) be held liable for any damages whatsoever arising out of or in connection with the use or spread of this information.

Copyright (c) 1994-2008 Internet Security Systems, Inc. All rights reserved worldwide.

For corrections or additions please email xforce@iss.net

Return to the main page