Bugtraq mailing list archives
Re: The overlapping fragment bug
From: paulle () MICROSOFT COM (Paul Leach)
Date: Fri, 14 Nov 1997 19:54:17 -0800
July 1, 1997

ftp://ftp.microsoft.com/bussys/winnt/winnt-public/fixes/usa/nt40/hotfixes-postSP3/icmp-fix/

Which is incorporated with other TCP related fixes at:

ftp://ftp.microsoft.com/bussys/winnt/winnt-public/fixes/usa/nt40/hotfixes-postSP3/simptcp-fix/
----------
From: Alan Cox[SMTP:alan () LXORGUK UKUU ORG UK]
Reply To: Alan Cox
Sent: Friday, November 14, 1997 11:54 AM
To: BUGTRAQ () NETSPACE ORG
Subject: The overlapping fragment bug

Well after some testing it's quite effective against Linux [fix available and will be in 2.0.32 as standard], NT, 95, Win 3.11 and also a couple of others it seems - DOS Novell TCP/IP and PCNFS 4.0 (reportedly). BSD derived stacks, various routers, Solaris, MacOS and HP/UX all seem fine.

The actual exploit can also be slightly improved. Make it a tcp frame, make the destination port 80 and it goes through most firewalls like a bullet through cheese and seems to keep its effectiveness.

You can screen the stuff behind a firewall if your firewall reassembles fragments (and is of course itself not vulnerable 8)).

Any news on the Microsoft fix expected date/times?

Alan
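
The screening mentioned in the quoted message depends on a filter that reassembles fragments and refuses inconsistent ones. A minimal sketch of that consistency check in C, added here as an illustration and not taken from the thread or from any vendor fix; the struct, enum and function names are hypothetical and the sample fragments are constructed:

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* One IPv4 fragment as a reassembling filter would record it (hypothetical). */
struct frag {
    uint16_t offset8; /* fragment offset field, in 8-byte units */
    uint16_t len;     /* payload bytes carried by this fragment */
    int more;         /* MF (more fragments) flag */
};
enum verdict { FRAG_OK, FRAG_OVERLAP, FRAG_MALFORMED, FRAG_INCOMPLETE };
#define MAX_PAYLOAD (65535u - 20u) /* IPv4 total length minus minimal header */

/* Validate all fragments of one datagram, in any arrival order, before reassembly. */
enum verdict check_fragments(const struct frag *f, size_t n)
{
    uint32_t total = 0, covered = 0, max_end = 0;
    int have_last = 0;
    for (size_t i = 0; i < n; i++) {
        uint32_t start = (uint32_t)f[i].offset8 * 8u;
        uint32_t end = start + f[i].len;
        if (f[i].len == 0 || end > MAX_PAYLOAD)
            return FRAG_MALFORMED;
        /* Reject any byte range that intersects an earlier fragment. */
        for (size_t j = 0; j < i; j++) {
            uint32_t s2 = (uint32_t)f[j].offset8 * 8u;
            if (start < s2 + f[j].len && s2 < end)
                return FRAG_OVERLAP;
        }
        if (!f[i].more) { /* the final fragment fixes the datagram size */
            if (have_last) return FRAG_MALFORMED;
            have_last = 1;
            total = end;
        }
        covered += f[i].len;
        if (end > max_end) max_end = end;
    }
    /* With no overlaps, full coverage means the lengths sum to the final end. */
    if (!have_last || max_end != total || covered != total)
        return FRAG_INCOMPLETE;
    return FRAG_OK;
}

int main(void)
{
    /* Constructed sample: bytes 0..24, then a fragment claiming bytes 8..24. */
    struct frag sample[] = { {0, 24, 1}, {1, 16, 0} };
    printf("verdict=%d\n", check_fragments(sample, 2));
    return 0;
}
```

A filter that gets any verdict other than `FRAG_OK` drops the whole datagram instead of forwarding the fragments to hosts behind it.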
