Short UDP Packet

[FG12sqTSS () aol com]

Snort 2.1 produces alerts "Short UDP Packet" Length field > payload length.  
All alerts are from various a.b.c.d:0 -> e.f.g.h:0, where DST is frequently a 
broadcast address.  TTL=128; ID# increments normally; Dgmlen=265.  The network 
is 100% MS windows and Cisco.  

What traffic generates this as a potentially hostile packet vs. acceptable 
use?

Fred Gross III
Total System Security, LLC