Home page logo

bugtraq logo Bugtraq mailing list archives

Simple TCP service hotfix reposted
From: paulle () MICROSOFT COM (Paul Leach)
Date: Fri, 15 Aug 1997 16:08:55 -0700

The Simple TCP/IP service hotfix was discovered to have some problems
and was withdrawn. It has now been reposted at

From the KB article accompanying the fix:

Windows NT TCP/IP, Windows Sockets, and Simple TCP/IP services have been
modified to be more attack resistant. Windows Sockets now supports a new
socket option, SO_BROADCAST, that can be set to allow the recvfrom()
to pass broadcast datagrams to the application. The default for this
is OFF. Previous implementations passed broadcasts datagrams to any
Sockets application that issued a recvfrom() call. Additionally, the
chargen service and other Simple TCP/IP services have been modified to
any datagrams that have the source port equal to the destination port to
prevent "looping" attacks.

Paul J. Leach
paulle () microsoft com

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]