GEN:SID | 1:273 |
Message | DOS IGMP dos attack |
Summary | This event is generated when a remote attacker transmits fragmented IGMP packets with malformed headers to the internal network, indicating an IGMP Denial of Service (DoS) attack.
|
Impact | Denial of service.
|
Detailed Information | If an IGMP packet with a malformed header is transmitted to an unpatched Microsoft Windows computer, the computer may crash when it attempts to process the packet.
|
Affected Systems | Microsoft Windows 95 Microsoft Windows 98 Microsoft Windows 98 SE Microsoft Windows NT 4
|
Attack Scenarios | An attacker sends fragmented IGMP packets with malformed headers to a target computer. If the computer is running an unpatched version of Windows, it may crash.
|
Ease of Attack | Simple. Exploits exist.
|
Corrective Action | Install the latest patches available for your operating system. See http://www.microsoft.com/technet/security/bulletin/ms99-034.asp for more information.
Implement a packet-filtering firewall to block inappropriate traffic to the network.
|
Additional References | Bugtraq http://www.securityfocus.com/bid/514
Microsoft http://www.microsoft.com/technet/security/bulletin/ms99-034.asp
|
Rule References | cve: 1999-0918
bugtraq: 514
|