GEN:SID | 1:270 |
Message | DOS Teardrop attack |
Summary | This event is generated when an attempt is made to issue a Teardrop Denial of Service (DoS) attack.
|
Impact | Denial of Service.
|
Detailed Information | Teardrop exploits a vulnerability in some TCP/IP stack implementations.
The program sends a specially crafted fragmented packet where the first fragment has offset 0 and data length N and the second fragment has an offset less than N (The fragments overlap). The resulting packet cannot be properly assembled.
Systems may hang or crash.
|
Affected Systems | Windows 95 Windows NT 4.0 SP3 and earlier HP HPUX 10.34 and earlier Linux kernels 2.0.31 and earlier FreeBSD 3.0 prior to October 27, 1998
|
Attack Scenarios | The can be done remotely against any open UDP port using a spoofed address.
|
Ease of Attack | Simple. Tools are readily available and require little knowledge on the part of the attacker.
|
Corrective Action | Patches are available from all affected vendors. Newer versions from each vendor are not vulnerable.
|
Additional References | Bugtraq: http://www.securityfocus.com/bid/124
CERT: http://www.cert.org/advisories/CA-1997-28.html
FreeBSD: ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/old/FreeBSD-SA-98:08.fragment.asc
|
Rule References | bugtraq: 124
cve: 1999-0015
nessus: 10279
url: www.cert.org/advisories/CA-1997-28.html
|