[5160] in bugtraq
Simple TCP service hotfix reposted
daemon@ATHENA.MIT.EDU (Paul Leach)
Sat Aug 16 14:55:53 1997
Date: Fri, 15 Aug 1997 16:08:55 -0700
Reply-To: Paul Leach <paulle@MICROSOFT.COM>
From: Paul Leach <paulle@MICROSOFT.COM>
X-To: "ntsecurity@iss.net" <ntsecurity@iss.net>,
"ntbugtraq@ntadvice.com" <ntbugtraq@ntadvice.com>
To: BUGTRAQ@NETSPACE.ORG
The Simple TCP/IP service hotfix was discovered to have some problems
and was withdrawn. It has now been reposted at
ftp://ftp.microsoft.com/bussys/winnt/winnt-public/fixes/usa/nt40/hotfixe
s-postSP3/simptcp-fix
From the KB article accompanying the fix:
Windows NT TCP/IP, Windows Sockets, and Simple TCP/IP services have been
modified to be more attack resistant. Windows Sockets now supports a new
socket option, SO_BROADCAST, that can be set to allow the recvfrom()
call
to pass broadcast datagrams to the application. The default for this
option
is OFF. Previous implementations passed broadcasts datagrams to any
Windows
Sockets application that issued a recvfrom() call. Additionally, the
chargen service and other Simple TCP/IP services have been modified to
drop
any datagrams that have the source port equal to the destination port to
prevent "looping" attacks.
Paul
------------------------------
Paul J. Leach
paulle@microsoft.com
