Vulnerability Development mailing list archives

Re: Windows IP Fragment Reassembly Vulnerability

From: pete () S3 INTEGRALIS CO UK (Pete Philips)
Date: Tue, 23 May 2000 11:20:06 +0100


Masial wrote:


Does anyone have info about this particular issue? I would be interested in
seeing what are those 'malformed' packets look like, and as usual, microsoft
dosent give any technical details about the vunlerability. Trust us blindly!


Is there any exploit code available yet? It would be handy to be
able to perform some tests and get an idea of which platforms/
applications are affected. There has been some debate on the
Firewall-1 list but no firm conclusions have been reached.

Thanks,

Pete.

 ---------------------------------------------------------------
|   Pete Philips                                           \|/  |
|   Integralis S3 Team                                      O   |
|   E-mail:  pete.philips () integralis co uk                      |
|   Phone:   +44 118 930 6060                                   |
|   PGP Key: http://www.s3.integralis.co.uk/pgp/pete.pgp        |
 ---------------------------------------------------------------

Current thread:

CAU Technologies, Inc. Security Advisory 2000.05.19.001 : Default Syslog Installations, (continued)
- CAU Technologies, Inc. Security Advisory 2000.05.19.001 : Default Syslog Installations Security Advisory (May 19)
- UPDATE on possible new "e-mail virus" concept ? Zoa_Chien (May 19)
  - Re: UPDATE on possible new "e-mail virus" concept ? Jim Paris (May 19)
    - Re: UPDATE on possible new "e-mail virus" concept ? Jon Williams (May 20)
    - Windows IP Fragment Reassembly Vulnerability Masial (May 20)
    - Re: Windows IP Fragment Reassembly Vulnerability Mikael Olsson (May 21)
    - Re: Outlook HTML VBS (demo) Michael Hendy (May 21)
    - Re: Outlook HTML VBS (demo) Masial (May 22)
    - Re: Windows IP Fragment Reassembly Vulnerability Blue Boar (May 21)
    - krb5 1.1.1 Mariusz Woloszyn (May 22)
    - Re: Windows IP Fragment Reassembly Vulnerability Pete Philips (May 23)
    - Re: UPDATE on possible new "e-mail virus" concept ? Bluefish (May 20)
- Re: possible new "e-mail virus" concept ? + bypassing IE settings Bluefish (May 20)
- Re: possible new "e-mail virus" concept ? + bypassing IE settings Zoa_Chien (May 19)
  - Re: possible new "e-mail virus" concept ? + bypassing IE settings Silvio L. Nisgoski (May 19)
  - Anyone have a copy of the New LoveYou code! Rich Dube (May 19)
- Re: possible new "e-mail virus" concept ? + bypassing IE settings Zoa_Chien (May 20)