Home page logo
/

bugtraq logo Bugtraq mailing list archives

Simple TCP service hotfix reposted
From: paulle () MICROSOFT COM (Paul Leach)
Date: Fri, 15 Aug 1997 16:08:55 -0700


The Simple TCP/IP service hotfix was discovered to have some problems
and was withdrawn. It has now been reposted at
ftp://ftp.microsoft.com/bussys/winnt/winnt-public/fixes/usa/nt40/hotfixe
s-postSP3/simptcp-fix

From the KB article accompanying the fix:

Windows NT TCP/IP, Windows Sockets, and Simple TCP/IP services have been
modified to be more attack resistant. Windows Sockets now supports a new
socket option, SO_BROADCAST, that can be set to allow the recvfrom()
call
to pass broadcast datagrams to the application. The default for this
option
is OFF. Previous implementations passed broadcasts datagrams to any
Windows
Sockets application that issued a recvfrom() call. Additionally, the
chargen service and other Simple TCP/IP services have been modified to
drop
any datagrams that have the source port equal to the destination port to
prevent "looping" attacks.

Paul
------------------------------
Paul J. Leach
paulle () microsoft com



  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault