PT-2001-1000 · Fanuc · Fanuc 32I

Published

2001-01-09

Updated

2018-10-12

CVE-2000-1039

CVSS v2.0

5.0

Medium

Vector

AV:N/AC:L/Au:N/C:N/I:N/A:P

Name of the Vulnerable Software and Affected Versions FANUC 32i (affected versions not specified)

Description The issue is related to the incorrect handling of fragmented packets, which can be exploited by an attacker to disrupt the TCP/IP stack and cause a denial of service. This can be achieved by sending specially crafted fragmented packets. The problem is also related to the "NAPTHA" class of vulnerabilities, where an attacker can flood a target host with TCP connection attempts and complete the TCP/IP handshake without maintaining the connection state on the attacker host.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Resource Exhaustion

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-400

Related Identifiers

BDU:2014-00221

CVE-2000-1039

Affected Products

Fanuc 32I

PT-2001-1000 · Fanuc · Fanuc 32I

CVE-2000-1039

Weakness Enumeration

Related Identifiers

Affected Products

References · 7