Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com

Neohapsis > Archives > Bugtraq> 1997_3

Bugtraq archives for 3rd quarter (Jul-Sep) 1997: Alert: Chargen Flooding fix now available

Alert: Chargen Flooding fix now available

Aleph One (aleph1DFW.NET)
Thu, 24 Jul 1997 02:27:24 -0500

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: Aleph One: "Windows NT rantings from the L0pht"
Previous message: George Smith [CRYPTN]: "Review of "Underground""

---------- Forwarded message ----------
Date: Wed, 23 Jul 1997 17:09:50 -0400
From: Russ <Russ.CooperRC.ON.CA>
To: NTBUGTRAQRC.ON.CA
Subject: Alert: Chargen Flooding fix now available

Thanks to Marc Bejarano for bringing this to our attention.

Excerpt from KB Article Q154460:
A malicious attack may be mounted against Windows NT computers with the
Simple TCP/IP Services installed. The attack consists of a flood of UDP
datagrams sent to the subnet broadcast address with the destination port
set to 19 and a spoofed source IP address. The Windows NT computers
running Simple TCP/IP services respond to each broadcast, creating a
flood of UDP datagrams.

The fix, and the full KB article can be found at;

ftp://ftp.microsoft.com/bussys/winnt/winnt-public/fixes/usa/nt40/hotfixe
s-postSP3/simptcp-fix

Cheers,
Russ
R.C. Consulting, Inc. - NT/Internet Security
owner of the NTBugTraq mailing list:
http://ntbugtraq.rc.on.ca/index.html

Next message: Aleph One: "Windows NT rantings from the L0pht"
Previous message: George Smith [CRYPTN]: "Review of "Underground""