NEOHAPSIS - Peace of Mind Through Integrity and Insight

Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com

Neohapsis > Archives > Secunia Advisories> 2005-q1

[SA14512] Microsoft Windows LAND Attack Denial of Service

From: Secunia Security Advisories (sec-advsecunia.com)
Date: Mon Mar 07 2005 - 17:35:37 CST

Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

----------------------------------------------------------------------

Monitor, Filter, and Manage Security Information
- Filtering and Management of Secunia advisories
- Overview, documentation, and detailed reports
- Alerting via email and SMS

Request Trial:
https://ca.secunia.com/?f=l

----------------------------------------------------------------------

TITLE:
Microsoft Windows LAND Attack Denial of Service

SECUNIA ADVISORY ID:
SA14512

VERIFY ADVISORY:
http://secunia.com/advisories/14512/

CRITICAL:
Less critical

IMPACT:
DoS

WHERE:
From remote

OPERATING SYSTEM:
Microsoft Windows Server 2003 Datacenter Edition
http://secunia.com/product/1175/
Microsoft Windows Server 2003 Enterprise Edition
http://secunia.com/product/1174/
Microsoft Windows Server 2003 Standard Edition
http://secunia.com/product/1173/
Microsoft Windows Server 2003 Web Edition
http://secunia.com/product/1176/
Microsoft Windows XP Home Edition
http://secunia.com/product/16/
Microsoft Windows XP Professional
http://secunia.com/product/22/

DESCRIPTION:
Dejan Levaja has reported a vulnerability in Microsoft Windows,
allowing malicious people to cause a DoS (Denial of Service).

The vulnerability is caused due to improper handling of IP packets
with the same destination and source IP and the SYN flag set. This
causes a system to consume all available CPU resources for a certain
period of time.

This kind of attack was first reported in 1997 and became known as
LAND attacks.

Microsoft Windows XP with SP2 and Microsoft Windows 2003 have been
reported vulnerable.

SOLUTION:
Filter traffic with the same IP address as source and destination
address at the perimeter.

PROVIDED AND/OR DISCOVERED BY:
Dejan Levaja

----------------------------------------------------------------------

About:
This Advisory was delivered by Secunia as a free service to help
everybody keeping their systems up to date against the latest
vulnerabilities.

Subscribe:
http://secunia.com/secunia_security_advisories/

Definitions: (Criticality, Where etc.)
http://secunia.com/about_secunia_advisories/

Please Note:
Secunia recommends that you verify all advisories you receive by
clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only
use those supplied by the vendor.

----------------------------------------------------------------------

Unsubscribe: Secunia Security Advisories

----------------------------------------------------------------------

Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]