LAND attack vulnerability on Windows Server 2003 and Windows XP

From: James Rankin (james_rankin_at_HUNTSMAN.COM)
Date: 03/08/05

  • Next message: Marc Maiffret: "FW: Update: MS05-011 EEYE: Windows SMB Client Transaction Response Handling Vulnerability"
    Date:         Tue, 8 Mar 2005 13:25:36 +0000
    To: NTBUGTRAQ@LISTSERV.NTBUGTRAQ.COM
    
    

    A LAND attack vulnerability has been highlighted in Windows XP and Windows
    Server 2003 by Dejan Levaja

    http://www.securityfocus.com/archive/1/392354

    It was later highlighted by CA as a High risk

    http://www3.ca.com/securityadvisor/vulninfo/vuln.aspx?id=32520

    There has been no vendor response to this as yet. Initial testing suggests
    it works with mixed results on 2003 and XP SP2.

    JR

    --
    NTBugtraq Editor's Note:
    Most viruses these days use spoofed email addresses. As such, using an Anti-Virus product which automatically notifies the perceived sender of a message it believes is infected may well cause more harm than good. Someone who did not actually send you a virus may receive the notification and scramble their support staff to find an infection which never existed in the first place. Suggest such notifications be disabled by whomever is responsible for your AV, or at least that the idea is considered.
    --
    

  • Next message: Marc Maiffret: "FW: Update: MS05-011 EEYE: Windows SMB Client Transaction Response Handling Vulnerability"