BlackNurse.ICMP.Type.3.Code.3.Flood.DoS
Description
This indicates an attempt to exploit the BlackNurse Denial Of Service vulnerability in various products.
The vulnerability is due to improper handling of ICMP type 3 code 3 requests. A remote attacker may be able to exploit this to cause a denial of service condition on the affected system. The signature detects for 250 ICMP requests within 1 second. Customers should adjust the rate to suit their needs.
Affected Products
Cisco ASA 5515, 5525 (default settings)
Cisco ASA 5550 (Legacy) and 5515-X (latest generation)
SonicWall
Impact
Denial of Service: Remote attackers can crash vulnerable systems.
Recommended Actions
Currently we are unaware of any vendor supplied patch or updates available for this issue.
Telemetry
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |