The Service Location Protocol (SLP) is vulnerable to a reflective denial-of-service amplification attack via UDP. SLP allows an unauthenticated attacker to register new services up to whatever limits are set by the SLP implementation. Using UDP and spoofing the source address, an attacker can request the service list, creating a DoS attack on the spoofed address. The amplification factor can reach 2200x.
Created openslp tracking bugs for this issue: Affects: fedora-all [bug 2189600]
This flaw is a network protocol design flaw; a software fix is not easily possible. SLP was not intended to be made available to the public Internet. According to RFC 2165 ([1]): "Service Location provides a dynamic configuration mechanism for applications in local area networks. It is not a global resolution system for the entire Internet; rather it is intended to serve enterprise networks with shared services." SLP should be disabled on all systems running on untrusted networks, like those directly connected to the Internet. If that is not possible, then firewalls should be configured to block or filter traffic on UDP and TCP port 427. This will prevent external attackers from accessing the SLP service. [1] https://datatracker.ietf.org/doc/html/rfc2165
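A host-side check for the mitigation above, as an added example that is not part of the original report or of OpenSLP: it parses Linux `/proc/net` socket tables for sockets bound to port 427 and reports whether each is reachable beyond loopback. The sample table is constructed, the function names are hypothetical, and address decoding assumes a little-endian host.

```python
import ipaddress

SLP_PORT = 427  # UDP and TCP port named in the mitigation text
# Constructed sample in /proc/net/udp layout (not captured from a real host).
SAMPLE_PROC_NET_UDP = """\
  sl  local_address rem_address   st tx_queue rx_queue tr tm->when retrnsmt   uid  timeout inode ref pointer drops
  101: 00000000:01AB 00000000:0000 07 00000000:00000000 00:00000000 00000000     0        0 20001 2 0000000000000000 0
  102: 0100007F:01AB 00000000:0000 07 00000000:00000000 00:00000000 00000000     0        0 20002 2 0000000000000000 0
  103: 00000000:0044 00000000:0000 07 00000000:00000000 00:00000000 00000000     0        0 20003 2 0000000000000000 0
"""

def decode_addr(hex_addr):
    """Decode a /proc/net address: 32-bit words printed in host byte order."""
    raw = bytes.fromhex(hex_addr)
    # Assumption: little-endian host (x86-64, aarch64), so reverse each word.
    packed = b"".join(raw[i:i + 4][::-1] for i in range(0, len(raw), 4))
    return ipaddress.ip_address(packed)

def slp_sockets(table_text, proto):
    """Return (proto, address, exposure) for each socket bound to port 427."""
    findings = []
    for line in table_text.splitlines()[1:]:  # first line is the column header
        fields = line.split()
        if len(fields) < 4:
            continue
        hex_addr, hex_port = fields[1].rsplit(":", 1)
        if int(hex_port, 16) != SLP_PORT:
            continue
        if proto.startswith("tcp") and fields[3] != "0A":  # 0A = LISTEN
            continue
        addr = decode_addr(hex_addr)
        exposure = "loopback-only" if addr.is_loopback else "network-reachable"
        findings.append((proto, str(addr), exposure))
    return findings

def audit_host():
    """Scan the live kernel socket tables; unreadable tables are skipped."""
    results = []
    for proto in ("udp", "udp6", "tcp", "tcp6"):
        try:
            with open(f"/proc/net/{proto}") as fh:
                results += slp_sockets(fh.read(), proto)
        except OSError:
            continue
    return results

if __name__ == "__main__":
    for finding in slp_sockets(SAMPLE_PROC_NET_UDP, "udp"):
        print(finding)
```

Any `network-reachable` result from `audit_host()` means the service is still bound on a non-loopback address and depends entirely on the firewall rule for protection.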
Hi @msiddiqu please do not change any markup in the Doc Text field. Thank you.