ascend kill


Category: Denial of Service
Title: Ascend Kill
Summary: Crashes an ascend router
Description: It was possible to make
the remote Ascend router reboot by sending
it a UDP packet containing special data on
port 9 (discard).

An attacker may use this flaw to make your
router crash continuously, preventing
your network from working properly.

Solution : filter the incoming UDP traffic coming
to port 9. Contact Ascend for a solution.

Port(s) Protocol Service Details Source
9 tcp,udp Discard Discard server – this protocol is only installed on machines for test purposes. The service listening at this port (both TCP and UDP) simply discards any input.

See also: [RFC863], CVE-1999-0060
Intrusions: Ascend kill
This exploit kills Ascend routers by sending them a specially formatted malformed TCP packet. On certain versions of the Ascend operating system, the router can be forced to cause an internal error, resulting in the router rebooting.

9 tcp,udp Discard (official) Wikipedia
9 tcp,udp discard Discard [RFC4960] [RFC4340] IANA
9 tcp,udp discard Discard SANS
9 tcp,udp discard sink null Nmap

5 records found

Discard Protocol

This RFC specifies a standard for the ARPA Internet community.  Hosts on
the ARPA Internet that choose to implement a Discard Protocol are
expected to adopt and implement this standard.


A useful debugging and measurement tool is a discard service. A discard service simply throws away any data it receives.

TCP Based Discard Service

   One discard service is defined as a connection based application on
   TCP.  A server listens for TCP connections on TCP port 9.  Once a
   connection is established any data received is thrown away.  No
   response is sent.  This continues until the calling user terminates
   the connection.

UDP Based Discard Service

   Another discard service is defined as a datagram based application on
   UDP.  A server listens for UDP datagrams on UDP port 9.  When a
   datagram is received, it is thrown away.  No response is sent.