This is just an FYI. I have confirmed and reproduced a new Denial of
Service exploit for Windows NT and Windows95. Under Windows NT this
exploit causes a proverbial BSOD; under Windows95, this causes an
exception in IFSMGR.VXD.
This exploit has been reported to Microsoft!
Details
Without putting out a blueprint of how to cause this: this is a
modified teardrop attack. (NOTE: This DOES affect machines patched
against teardrop.) It utilizes UDP packets with altered headers. I have
also provided Microsoft with source code to this exploit.
Temporary Workaround
Any workaround that would have been implemented against teardrop should
work against this issue. By default, the UDP packets used in this
exploit are aimed at very high port numbers. So perhaps by blocking UDP
packets destined for high port numbers, you might be able to prevent
this attack. However, since it can be aimed at any port, a clever user
could get around filters such as this. I'd be happy to talk to anyone
about other alternatives for working around this issue.
Please feel free to repost this to NTBUGTRAQ (I'm not on that list) or
wherever else you choose.
-------------
Jiva DeVoe
MCSE
Devware Systems
jiva@devware.com
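
Added example, not part of the original post and not the author's code: a defender-side check for the workaround discussed above. It shows why a UDP port filter only ever sees the port in the first fragment of a datagram, and flags datagrams whose fragments overlap, the trait of the classic teardrop. Assumptions: the post does not describe the modified variant, so the overlap test is the generic teardrop-class check; all function names, addresses, ports and packets are constructed for illustration.

```python
import struct
from collections import defaultdict

def parse_ipv4(pkt):
    """Return (flow key, header length, payload start, payload end, more-fragments)."""
    ver_ihl, _tos, total_len, ident, flags_off, _ttl, proto = struct.unpack("!BBHHHBB", pkt[:10])
    ihl = (ver_ihl & 0x0F) * 4
    start = (flags_off & 0x1FFF) * 8      # fragment offset is in 8-byte units
    key = (pkt[12:16], pkt[16:20], ident, proto)
    return key, ihl, start, start + total_len - ihl, bool(flags_off & 0x2000)

def udp_dst_port(pkt):
    """Port a filter can match on: only the offset-0 fragment carries the UDP header."""
    _key, ihl, start, end, _more = parse_ipv4(pkt)
    if pkt[9] != 17 or start != 0 or end < 8:
        return None
    return struct.unpack("!H", pkt[ihl + 2:ihl + 4])[0]

def suspicious_datagrams(packets):
    """Map flow key -> reason for datagrams whose fragments overlap."""
    spans = defaultdict(set)              # set: an exact retransmission is not an overlap
    for pkt in packets:
        key, _ihl, start, end, more = parse_ipv4(pkt)
        if start or more:                 # only fragmented datagrams
            spans[key].add((start, end))
    alerts = {}
    for key, frags in spans.items():
        covered = 0
        for start, end in sorted(frags):
            if start < covered:
                alerts[key] = "overlapping fragments"
            covered = max(covered, end)
    return alerts

def frag(ident, offset, more, payload):
    """Build a constructed IPv4/UDP fragment (checksum left zero) for the sample."""
    flags_off = (0x2000 if more else 0) | (offset // 8)
    hdr = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(payload), ident, flags_off,
                      64, 17, 0, bytes([192, 0, 2, 1]), bytes([192, 0, 2, 2]))
    return hdr + payload

# Constructed sample: datagram 1 fragments cleanly, datagram 2 has overlapping fragments.
UDP = struct.pack("!HHHH", 1024, 40000, 40, 0) + b"\0" * 16
SAMPLE = [
    frag(1, 0, True, UDP), frag(1, 24, False, b"\0" * 16),
    frag(2, 0, True, UDP), frag(2, 8, False, b"\0" * 8),
]
```

A filter that matches on destination port gets `None` from `udp_dst_port` for every non-first fragment, so fragment sanity has to be checked separately from any port rule.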