Bugtraq mailing list archives
Re: IGMP fragmentation bug
From: aleph1 () SECURITYFOCUS COM (Aleph One)
Date: Tue, 13 Jul 1999 00:13:47 -0700
Summary of the responses to this query. It seems the vulnerability can't be reproduces reliably in all instances. Try running the exploits for several minutes. Successful results have been obtained across a LAN as well as over the Internet. The result can vary from rebooting the machine, blue screen of death or killing networking. Several exploits have been produced, including kod, kox, pimp, moyari13, misfrag, faux and bengay. If you can't reproduce the vulnerability with one try another. All version of Windows 95 and 98 are believed to be vulnerable (standard, OEM, SE, other languages). The are reports of Windows 200 Advance Server Beta 3, Professional Beta 3 and Server Beta 3 being vulnerable. The are mixed reports of Windows 2000 build 2000 being vulnerable. The is at least one report that Windows 2000 build 2070 is not vulnerable. At least one report claims that Windows NT 4.0 SP4 is vulnerable but others have reported otherwise. -- Elias Levy Security Focus http://www.securityfocus.com/
Current thread:
- Re: IGMP fragmentation bug Aleph One (Jul 13)
- [Ann/CfP] SANE 2000 - May 22-25, 2000 (2nd Int'l System Administration & Networking Conference) Fred Donck (Jul 13)
- Re: IGMP fragmentation bug - another behavior Serg `Ice` Tsyganenko (Jul 13)