CVE-2005-4316
HP-UX B.11.00 B.11.04 B.11.11 B.11.23 - Denial of Service via Rose Attack
Title source: llmExploitation Summary
EIP tracks 4 public exploits for CVE-2005-4316. PoCs published by Ken Hollis, Coolio.
AI-analyzed exploit summary This exploit implements the 'Rose Attack' (a variation of the 'New Dawn attack') to perform a remote denial-of-service (DoS) by sending highly fragmented TCP or UDP packets, causing high CPU utilization on vulnerable systems. It leverages the netwib library to craft and send malformed packets with configurable fragmentation parameters.
Description
HP-UX B.11.00, B.11.04, B.11.11, and B.11.23 allows remote attackers to cause a denial of service via a "Rose Attack" that involves sending a subset of small IP fragments that do not form a complete, larger packet.
Exploits (4)
This exploit implements the 'Rose Attack' (a variation of the 'New Dawn attack') to perform a remote denial-of-service (DoS) by sending highly fragmented TCP or UDP packets, causing high CPU utilization on vulnerable systems. It leverages the netwib library to craft and send malformed packets with configurable fragmentation parameters.
This exploit implements the 'New Dawn' attack, a variation of the 'Rose Attack,' which targets inefficiencies in TCP/IP stack handling of fragmented packets to cause a denial-of-service (DoS). It sends highly fragmented TCP or UDP packets with configurable parameters to overwhelm the target system.
This exploit targets a TCP/IP stack vulnerability (CVE-2005-4316) by sending fragmented ICMP packets to trigger a denial-of-service condition. It uses raw sockets to craft and send malformed packets with overlapping fragments, exhausting system resources.
This exploit targets a denial-of-service vulnerability in multiple TCP stack implementations by sending fragmented ICMP packets to trigger inefficient reassembly, leading to resource exhaustion. It is a variation of the 'Rose Attack' and affects systems like Microsoft Windows 2000/XP and Linux kernel 2.4.