Clan x86

Technical (Development, Security, etc.) => General Security Information => Topic started by: iago on March 07, 2005, 08:41:07 pm

Title: Windows XP SP2 vulnerable to LAND attacks
Post by: iago on March 07, 2005, 08:41:07 pm

Quote

TITLE:
Microsoft Windows LAND Attack Denial of Service

SECUNIA ADVISORY ID:
SA14512

VERIFY ADVISORY:
http://secunia.com/advisories/14512/

CRITICAL:
Less critical

IMPACT:
DoS

WHERE:
>From remote

OPERATING SYSTEM:
Microsoft Windows Server 2003 Datacenter Edition
http://secunia.com/product/1175/
Microsoft Windows Server 2003 Enterprise Edition
http://secunia.com/product/1174/
Microsoft Windows Server 2003 Standard Edition
http://secunia.com/product/1173/
Microsoft Windows Server 2003 Web Edition
http://secunia.com/product/1176/
Microsoft Windows XP Home Edition
http://secunia.com/product/16/
Microsoft Windows XP Professional
http://secunia.com/product/22/

DESCRIPTION:
Dejan Levaja has reported a vulnerability in Microsoft Windows,
allowing malicious people to cause a DoS (Denial of Service).

The vulnerability is caused due to improper handling of IP packets
with the same destination and source IP and the SYN flag set. This
causes a system to consume all available CPU resources for a certain
period of time.

This kind of attack was first reported in 1997 and became known as
LAND attacks.

Microsoft Windows XP with SP2 and Microsoft Windows 2003 have been
reported vulnerable.

SOLUTION:
Filter traffic with the same IP address as source and destination
address at the perimeter.

PROVIDED AND/OR DISCOVERED BY:
Dejan Levaja

Title: Re: Windows XP SP2 vulnerable to LAND attacks
Post by: Joe on March 08, 2005, 08:02:38 am

Pssh. Thats M$ for ya. Go slack! Go Slack!!