Info

Disclosure

Sep 26, 2004

Discovery

Unknown

Dates

Exploit

Sep 26, 2004

Solution

Unknown

Description

Microsoft Windows contains a flaw that may allow a remote denial of service. The issue is triggered when an attacker sends a large number of small packet fragments (with fragments missing) followed by repeatedly sending the final fragment. For each final packet, the system attempts to reassemble the entire packet and will allocate memory causing a high CPU load. This may result in loss of availability for the platform.

Classification

Location: Remote/Network Access Required
Attack Type: Denial of Service
Impact: Loss of Availability
Exploit: Exploit Available

Solution

Currently, there are no known upgrades, patches, or workarounds available to correct this issue.

Products

Microsoft Corporation	Windows	XP Pro SP1
		XP Home SP1
		2000 Pro
		2000 Pro SP4
		2000 Server SP3
		2000 Server SP1
		2000 Pro SP1
		2000 Server
		2000 Server SP4
		2000 Server SP2
		2000 Pro SP2
		2000 Pro SP3
		XP Pro
		XP Home
		XP Home SP2
		XP Pro SP2
		2000 Server SP1 Advanced
		2000 Server Advanced
		2000 Server SP2 Advanced
		2000 Server SP3 Advanced
		2000 Server Datacenter
		2000 Server SP4 Advanced
		2000 Server SP1 Datacenter
		2000 Server SP2 Datacenter
		2000 Server SP3 Datacenter
		2000 Server SP4 Datacenter

References

Bugtraq ID: 11258
Other Advisory URL: http://digital.net/~gandalf/Rose_Frag_Attack_Explained.txt
Secunia Advisory ID: 12670
Mail List Post: http://archives.neohapsis.com/archives/bugtraq/2004-09/0335.html

Credit

Gandalf The White - gandalfdigital.net -

Direct URL: http://osvdb.org/36218

Info

Disclosure

Discovery

Dates

Exploit

Solution

Description

Classification

Solution

Products

Microsoft Corporation

Windows

References

Credit