[Forgot Password]
Login  Register Subscribe

30389

 
 

423868

 
 

244625

 
 

909

 
 

193379

 
 

277

Paid content will be excluded from the download.


Download | Alert*
CCE
view XML

CCE-92644-4

Platform: cpe:/o:ubuntu:ubuntu_linux:18.04Date: (C)2019-11-07   (M)2023-07-04



ICMP redirect messages are packets that convey routing information and tell your host (acting as a router) to send packets via an alternate path. It is a way of allowing an outside routing device to update your system routing tables. By setting net.ipv4.conf.all.accept_redirects to 0, the system will not accept any ICMP redirect messages, and therefore, wont allow outsiders to update the systems routing tables. Rationale: Attackers could use bogus ICMP redirect messages to maliciously alter the system routing tables and get them to send packets to incorrect networks and allow your system packets to be captured.


Parameter:

[no/yes]


Technical Mechanism:

Set the net.ipv4.conf.all.accept_redirects and net.ipv4.conf.default.accept_redirects parameters to 0 in /etc/sysctl.conf: net.ipv4.conf.all.accept_redirects=0 net.ipv4.conf.default.accept_redirects=0 Modify active kernel parameters to match: # /sbin/sysctl -w net.ipv4.conf.all.accept_redirects=0 # /sbin/sysctl -w net.ipv4.conf.default.accept_redirects=0 # /sbin/sysctl -w net.ipv4.route.flush=1

CCSS Severity:CCSS Metrics:
CCSS Score : 9.3Attack Vector: NETWORK
Exploit Score: 3.9Attack Complexity: LOW
Impact Score: 4.7Privileges Required: NONE
Severity: CRITICALUser Interaction: NONE
Vector: AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:HScope: CHANGED
 Confidentiality: LOW
 Integrity: NONE
 Availability: HIGH
  

References:
Resource IdReference
SCAP Repo OVAL Definitionoval:org.secpod.oval:def:51243


OVAL    1
oval:org.secpod.oval:def:51243
XCCDF    1
xccdf_org.secpod_benchmark_general_Ubuntu_18_04

© SecPod Technologies