Bugtraq mailing list archives

Microsoft ISA Server Fragmented UDP Flood Vulnerability


From: "Tamer Sahin" <ts () blackhat cc>
Date: Fri, 2 Nov 2001 19:51:40 +0200

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- ----[ Microsoft ISA Server Fragmented UDP Flood Vulnerability ]----

- ----[ Type
A system resource is exhausted.

- ----[ Summary
A fragmented UDP attack through Microsoft ISA Server hampers the
system by driving CPU usage to 100%. Meanwhile, the server uses too
much processor power, and therefore the packet processing rate
decreases.

- ----[ Log
You may reach the session log through
http://www.tamersahin.net/downloads/isa.txt

- ----[ Exploit
opentear.c by RootShell
http://www.tamersahin.net/downloads/opentear.c

- ----[ Tested
Windows 2000 Server + Service Pack 2
Microsoft ISA Server Enterprise Edition Full + All Fixes

- ----[ Vendor Status
Microsoft has been contacted.

- ----[ Disclaimer
Tamer Sahin is not responsible for the misuse or illegal use of any
of the information and/or the software listed on this security
advisory.

- ----[ Greetz
bLaCkWinD, RhinoCO, nigma, CronoS, inf0, omniheurist, HuzursuZ,
LuNiZ, dEtAy, Derwish, Strange Deja Vu, Nosferatu, dummy, WebEffect
and you!

Tamer Sahin
http://www.tamersahin.net
PGP Key ID: 0x63DE5F63 Fingerprint:
63D9 FBE7 7369 A9A9 1119 C80C 31D3 D363 63DE 5F63

-----BEGIN PGP SIGNATURE-----
Version: PGPfreeware 6.5.3 for non-commercial use <http://www.pgp.com>

iQA/AwUBO+LBDDHT02Nj3l9jEQLqZwCg4AU8Vlymy7NY1QELhGCQJtzaXk0An1Yd
HDDJ8gi5v4Bq4TEczZY/dZPe
=glWR
-----END PGP SIGNATURE-----
