LAND attack vulnerability on Windows Server 2003 and Windows XP

From: James Rankin (james_rankin_at_HUNTSMAN.COM)
Date: 03/08/05

  • Next message: Marc Maiffret: "FW: Update: MS05-011 EEYE: Windows SMB Client Transaction Response Handling Vulnerability"
    Date:         Tue, 8 Mar 2005 13:25:36 +0000
    To: NTBUGTRAQ@LISTSERV.NTBUGTRAQ.COM
    
    

    A LAND attack vulnerability has been highlighted in Windows XP and Windows
    Server 2003 by Dejan Levaja

    http://www.securityfocus.com/archive/1/392354

    It was later highlighted by CA as a High risk

    http://www3.ca.com/securityadvisor/vulninfo/vuln.aspx?id=32520

    There has been no vendor response to this as yet. Initial testing suggests
    it works with mixed results on 2003 and XP SP2.

    JR

    --
    NTBugtraq Editor's Note:
    Most viruses these days use spoofed email addresses. As such, using an Anti-Virus product which automatically notifies the perceived sender of a message it believes is infected may well cause more harm than good. Someone who did not actually send you a virus may receive the notification and scramble their support staff to find an infection which never existed in the first place. Suggest such notifications be disabled by whomever is responsible for your AV, or at least that the idea is considered.
    --
    

  • Next message: Marc Maiffret: "FW: Update: MS05-011 EEYE: Windows SMB Client Transaction Response Handling Vulnerability"

    Relevant Pages

    • SecurityFocus Microsoft Newsletter #154
      ... MICROSOFT VULNERABILITY SUMMARY ... ISS RealSecure Server Sensor SSL Denial Of Service Vulnerabi... ... Roger Wilco Remote Server Side Buffer Overrun Vulnerability ... available for Microsoft Windows operating systems. ...
      (Focus-Microsoft)
    • SecurityFocus Microsoft Newsletter #49
      ... Subject: SecurityFocus Microsoft Newsletter #49 ... Microsoft Windows NNTP Denial of Service Vulnerability ... Microsoft IIS SSI Buffer Overrun Privelege Elevation Vulnerability ... Microsoft ISA Server H.323 Memory Leak Denial of Service... ...
      (Focus-Microsoft)
    • ~~~~~~~~~~~~~~ CANNOT FIND ~~~~~~~~~~~~~~
      ... acrobat cannot find external windows handler ... activesync cannot find exchange server ... aol internet explorer cannot find server ... brother network scanner cannot find pc ...
      (sci.geo.fluids)
    • ~~~~~~~~~~~~~~~ CANNOT FIND ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
      ... cannot find server or dns error ... windows cannot find null ... windows cannot find the network path ... cannot find internet explorer on computer ...
      (comp.protocols.snmp)
    • Questions Relating to Administering Windows 2000 Server
      ... installed the network client on the target computer. ... Sarah has been attempting to install Windows 2000 ... Server for two days. ... Sarah has checked the cables and hard drives. ...
      (microsoft.public.cert.exam.mcse)