[19335] in bugtraq
Re: Microsoft Security Bulletin MS01-011
daemon@ATHENA.MIT.EDU (Ben Greenbaum)
Thu Feb 22 19:15:13 2001
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Message-ID: <Pine.GSO.4.30.0102221624290.18291-100000@mail>
Date: Thu, 22 Feb 2001 16:26:44 -0700
Reply-To: Ben Greenbaum <bgreenbaum@SECURITYFOCUS.COM>
From: Ben Greenbaum <bgreenbaum@SECURITYFOCUS.COM>
To: BUGTRAQ@SECURITYFOCUS.COM
This bulletin is in response to an issue originally brought up on the
vuln-dev list. Here is the original post, which can be viewed in the
archives at:
http://www.securityfocus.com/archive/82/148411
----------------------------------------------------------------
To: Vuln-Dev
Subject: UDP Ping-pong in Win2k
Date: Sat Dec 02 2000 13:04:43
Author: FX, Phenoelit < dev@phenoelit.de >
Message-ID: <3A28F36B.73F23B8B@phenoelit.de>
Sorry if this is already well-known.
Windows 2000 server with an open UDP Kerberos v5 port (464) is
vulnerable to a UDP ping-pong attack where you send a packet with
someone elses IP address and chargen source port to it. Drives CPU usage
on my test system to approx. 70%.
AFAIK affected systems: Win2k server running AD.
Could someone confirm this? I don't want to email MS to discover that
I'm to stupid to configure my Win2k. Any response is highly appreciated.
Regards
FX
--
dev <dev@phenoelit.de>
Phenoelit (http://www.phenoelit.de)
----------------------------------------------------------------
Ben Greenbaum
Director of Site Content
SecurityFocus
http://www.securityfocus.com
