Bugtraq mailing list archives

Re: Microsoft Security Bulletin MS01-011

From: Ben Greenbaum <bgreenbaum () SECURITYFOCUS COM>
Date: Thu, 22 Feb 2001 16:26:44 -0700

This bulletin is in response to an issue originally brought up on the
vuln-dev list. Here is the original post, which can be viewed in the
archives at:
http://www.securityfocus.com/archive/82/148411

----------------------------------------------------------------
To: Vuln-Dev
Subject: UDP Ping-pong in Win2k
Date: Sat Dec 02 2000 13:04:43
Author: FX, Phenoelit < dev () phenoelit de >
Message-ID: <3A28F36B.73F23B8B () phenoelit de>

Sorry if this is already well-known.

Windows 2000 server with an open UDP Kerberos v5 port (464) is
vulnerable to a UDP ping-pong attack where you send a packet with
someone elses IP address and chargen source port to it. Drives CPU usage
on my test system to approx. 70%.
AFAIK affected systems: Win2k server running AD.

Could someone confirm this? I don't want to email MS to discover that
I'm to stupid to configure my Win2k. Any response is highly appreciated.

Regards
FX
--
dev       <dev () phenoelit de>
Phenoelit (http://www.phenoelit.de)

----------------------------------------------------------------

Ben Greenbaum
Director of Site Content
SecurityFocus
http://www.securityfocus.com

Current thread:

Microsoft Security Bulletin MS01-011 Microsoft Product Security (Feb 22)
- <Possible follow-ups>
- Re: Microsoft Security Bulletin MS01-011 Ben Greenbaum (Feb 22)