| VID |
26023 |
| Severity |
30 |
| Port |
139 |
| Protocol |
TCP |
| Class |
SMB |
| Detailed Description |
The hotfix (Q259728) for the "IP Fragment Reassembly" vulnerability has not been applied on the remote Windows host.
Windows 95, 98, NT, and 2000, as well as BeOS 5.0, are vulnerable to a denial of service attack, due to a flaw in their method of IP fragment reassembly. A remote attacker could consume most or all of the CPU resources by sending a large number of identical fragmented IP packets, a.k.a. Jolt2 or the "IP Fragment Reassembly" vulnerability.
* Note: This check requires an account with Guest or upper privileges which can access the registry of the remote host to scan. Absence of these condition will result in the check not being performed and a False Negative for all vulnerable hosts.
* Platforms Affected:
Microsoft Windows NT, 2000
* References:
http://www.iss.net/security_center/static/4518.php
http://www.microsoft.com/technet/security/bulletin/ms00-029.asp |
| Recommendation |
Apply the appropriate patch for your system, as listed in Microsoft Security Bulletin MS00-029. (http://www.microsoft.com/technet/security/bulletin/ms00-029.asp) |
| Related URL |
CVE-2000-0305 (CVE) |
| Related URL |
(SecurityFocus) |
| Related URL |
(ISS) |
|
