"LAND" Attack Update

Aleph One (aleph1@DFW.NET)
Thu, 20 Nov 1997 15:23:29 -0600

This test where againts the "land" attack. This is _NOT_ about "teardrop".

BSDI 2.1 (vanilla) IS vulnerable
BSDI 2.1 (K210-021,K210-022,K210-024) NOT vulnerable
BSDI 3.0 NOT vulnerable
Digital UNIX 4.0 NOT vulnerable
FreeBSD 2.2.2-RELEASE IS vulnerable
FreeBSD 2.2.5-RELEASE IS vulnerable
FreeBSD 2.2.5-STABLE IS vulnerable
FreeBSD 3.0-CURRENT IS vulnerable
HP-UX 10.20 IS vulnerable
IRIX 6.2 NOT vulnerable
Linux 2.0.30 NOT vulnerable
Linux 2.0.32 NOT vulnerable
MacOS 8.0 IS vulnerable (TCP/IP stack crashed)
NetBSD 1.2 IS vulnerable
NeXTSTEP 3.0 IS vulnerable
NeXTSTEp 3.1 IS vulnerable
Novell 4.11 NOT vulnerable
OpenBSD 2.1 IS vulnerable
OpenBSD 2.2 (Oct31) NOT vulnerable
SCO OpenServer 5.0.4 NOT vulnerable
Solaris 2.5.1 IS vulnerable (conflicting reports)
SunOS 4.1.4 IS vulnerable
Windows 95 (vanilla) IS vulnerable
Windows 95 + Winsock 2 + VIPUPD.EXE IS vulnerable

Some misc stuff:

Ascend Pipeline 50 rev 5.0Ap13 NOT vulnerable
NCD X Terminals, NCDWare v3.2.1 IS vulnerable
LaserJet Printer NOT vulnerable

We got reports that applying the VTCPUPD update (originally the OOB attack
update) when applied to Windows 95 running Winsock 2 fixes the problem.
You may want to try it. You can download Vtcpupd.exe you

http://support.microsoft.com/download/support/mslfiles/Vtcpupd.exe

Thanks to Gonzo Granzeau <bygranz@rs6000.cmp.ilstu.edu> for pointing
out the Windows 95 possible fix. Thanks to everyone else (to many to
mention).

Aleph One / aleph1@dfw.net
http://underground.org/
KeyID 1024/948FD6B5
Fingerprint EE C9 E8 AA CB AF 09 61 8C 39 EA 47 A8 6A B8 01