|Publisher:||Microsoft Corporation More titles >>|
|Last Updated:||Aug 25, 2000|
|Operating system:||Windows 95|
|File size:||174 KB|
Microsoft Windows 95 Malformed IPX Ping Packet Vulnerability Patch v1.0 Description:
eliminates a security vulnerability which could be used to cause an affected system to fail, and depending on the number of affected PCs on a network, flood it with superfluous data. The affected system component generally is present only if it has been deliberately installed. The Microsoft IPX/SPX protocol implementation (NWLink) supports the IPX (Internetwork Packet eXchange) Ping command via the diagnostic port 0x456. Because of a flaw in the implementation of the protocol in Windows 95, NWLink in these systems responds to an IPX ping packet even when the source network address has been purposely modified to a broadcast address.
This could give a malicious user an opportunity to launch an attack by broadcasting a single ping request. Each affected PC that received the ping would respond to it, potentially resulting in a broadcast storm. In a large network, this could temporarily swamp the network’s bandwidth.
Moreover, upon seeing its own response, each affected machine would attempt to process it, triggering a scenario that would culminate in the machine’s failure. A machine that failed due to this vulnerability could be put back into service by rebooting it.
IPX is installed by default in Windows 95 if there is a network card present in the machine at installation time. Even when it is installed, malicious users' ability to exploit this vulnerability would depend on whether they could deliver a Ping packet to an affected machine. Routers frequently are configured to drop IPX packets, and if such a router lay between the malicious user and an affected machine, an attack could not be undertaken.
As a rule, routers on the Internet do not forward IPX packets, protecting intranets from outside attack, as well as machines connected to the Internet via dial-up connections.
The most likely scenario in which this vulnerability could be exploited would be by a malicious intranet user attacking affected machines on the same intranet, or malicious users on the Internet attacking affected machines on their cable modems or DSL subnets.
If you use a shared computer on a regular basis, then chances are that you will be deleting personal data fairly regularly (Freeware)
Revo Uninstaller Pro is a utility that can help you completely remove software and programs installed on your system and even delete files and informa (Shareware)
Comodo Antivirus is a solid, reliable array of tools that provides a reassuring level of security for Microsoft Windows based computers. (Freeware)
HitmanPro is a perfect complement to antivirus software to increase the security of your system. (Shareware)
eConceal Firewall for Servers eConceal Firewall for Servers is a powerful, highly... (Shareware)
No Peeking! is a personal privacy utility which allows you to password-protect any... (Shareware)
You're pretty careful to learn and review your daily Daf, and you try to do Rashi... (Shareware)