Provided by Aanval (Snort & Syslog Intrusion Detection and Correlation Engine) www.aanval.com
--
GEN:SID | 1:272 |
Message | DOS IGMP dos attack |
Summary | This event is generated when a remote attacker transmits fragmented IGMP packets with malformed headers to the internal network, indicating an IGMP Denial of Service (DoS) attack. |
Impact | Denial of service. |
Detailed Information | If an IGMP packet with a malformed header is transmitted to an unpatched Microsoft Windows computer, the computer may crash when it attempts to process the packet. |
Affected Systems | Microsoft Windows 95 Microsoft Windows 98 Microsoft Windows 98 SE Microsoft Windows NT 4 |
Attack Scenarios | An attacker sends fragmented IGMP packets with malformed headers to a target computer. If the computer is running an unpatched version of Windows, it may crash. |
Ease of Attack | Simple. Exploits exist. |
Corrective Action | Install the latest patches available for your operating system. See http://www.microsoft.com/technet/security/bulletin/ms99-034.asp for more information. Implement a packet-filtering firewall to block inappropriate traffic to the network. |
Additional References | Bugtraq http://www.securityfocus.com/bid/514 Microsoft http://www.microsoft.com/technet/security/bulletin/ms99-034.asp |
Rule References | bugtraq: 514 cve: 1999-0918 url: www.microsoft.com/technet/security/bulletin/MS99-034.mspx |
--
DID:127077
--
http://www.aanval.com/