• News
• Infocus
• Foundations
• Microsoft
• Unix
• IDS
• Incidents
• Virus
• Pen-Test
• Firewalls
• Columnists
• Mailing Lists
• Newsletters
• Bugtraq
• Focus on IDS
• Focus on Linux
• Focus on Microsoft
• Forensics
• Pen-test
• Security Basics
• Vuln Dev
• Vulnerabilities
• Jobs
• Job Opportunities
• Resumes
• Job Seekers
• Employers
• Tools
• RSS
• News
• Vulns
• Security Research

• info
• discussion
• exploit
• solution
• references

Multiple Vendor loopback (land.c) Denial of Service Vulnerability

Solution:
Apply the appropriate patches or upgrade to an unaffected software version.

Microsoft has released an advisory and updates to address this and other issues.

Microsoft has released revised fixes to address this and other issues. Microsoft recommends installing the revised fixes even if the previous versions have been installed.


Microsoft Windows NT Enterprise Server 4.0 SP3

• Microsoft Q165005
  ftp://ftp.microsoft.com/bussys/winnt/winnt-public/fixes/usa/NT40/hotfi xes-postSP3/teardrop2-fix/tearfixi.exe

Microsoft Windows NT Server 4.0 SP3

• Microsoft Q165005
  ftp://ftp.microsoft.com/bussys/winnt/winnt-public/fixes/usa/NT40/hotfi xes-postSP3/teardrop2-fix/tearfixi.exe

Microsoft Windows NT Terminal Server 4.0 SP3

• Microsoft Q165005
  ftp://ftp.microsoft.com/bussys/winnt/winnt-public/fixes/usa/NT40/hotfi xes-postSP3/teardrop2-fix/tearfixi.exe

Microsoft Windows Server 2003 Enterprise Edition Itanium 0

• Microsoft Security Update for Windows Server 2003 64-bit Edition and Windows XP 64-bit Edition, Version 20
  http://www.microsoft.com/downloads/details.aspx?familyid=AC019224-82BE -4263-B977-02D4DC6C9FF6&displaylang=en

Microsoft Windows NT Workstation 4.0 SP3

• Microsoft Q165005
  ftp://ftp.microsoft.com/bussys/winnt/winnt-public/fixes/usa/NT40/hotfi xes-postSP3/teardrop2-fix/tearfixi.exe

Microsoft Windows Server 2003 Standard Edition

• Microsoft Security Update for Windows Server 2003 (KB893066)
  http://www.microsoft.com/downloads/details.aspx?familyid=F1F9A44F-D4F1 -4EF8-83F7-737DF6CC292E&displaylang=en

Microsoft Windows Server 2003 Datacenter Edition Itanium 0

• Microsoft Security Update for Windows Server 2003 64-bit Edition and Windows XP 64-bit Edition, Version 20
  http://www.microsoft.com/downloads/details.aspx?familyid=AC019224-82BE -4263-B977-02D4DC6C9FF6&displaylang=en

Microsoft Windows Server 2003 Datacenter Edition

• Microsoft Security Update for Windows Server 2003 (KB893066)
  http://www.microsoft.com/downloads/details.aspx?familyid=F1F9A44F-D4F1 -4EF8-83F7-737DF6CC292E&displaylang=en

Microsoft Windows Server 2003 Enterprise Edition

• Microsoft Security Update for Windows Server 2003 (KB893066)
  http://www.microsoft.com/downloads/details.aspx?familyid=F1F9A44F-D4F1 -4EF8-83F7-737DF6CC292E&displaylang=en

Microsoft Windows XP Home SP2

• Microsoft Security Update for Windows XP (KB893066)
  http://www.microsoft.com/downloads/details.aspx?familyid=81049A86-6F39 -4A27-A643-391262785CF3&displaylang=en

Microsoft Windows Server 2003 Web Edition

• Microsoft Security Update for Windows Server 2003 (KB893066)
  http://www.microsoft.com/downloads/details.aspx?familyid=F1F9A44F-D4F1 -4EF8-83F7-737DF6CC292E&displaylang=en

Microsoft Windows XP Professional SP2

• Microsoft Security Update for Windows XP (KB893066)
  http://www.microsoft.com/downloads/details.aspx?familyid=81049A86-6F39 -4A27-A643-391262785CF3&displaylang=en

Microsoft Windows 95

• Microsoft Q177539
  http://download.microsoft.com/download/win95upg/update4/1/w95/EN-US/vt cpup20.exe

HP HP-UX 10.0 1

• HP PHNE_13472
  Series 800
  ftp://ftp.itrc.hp.com/superseded_patches/hp-ux_patches/s800/10.X/PHNE_ 13472


• HP PHNE_13473
  ftp://ftp.itrc.hp.com/superseded_patches/hp-ux_patches/s700/10.X/PHNE_ 13473

HP HP-UX 10.0

• HP PHNE_13474
  Series 800
  ftp://ftp.itrc.hp.com/hp-ux_patches/s800/10.X/PHNE_13474


• HP PHNE_13475
  Series 700
  ftp://ftp.itrc.hp.com/hp-ux_patches/s700/10.X/PHNE_13475

HP HP-UX 10.10

• HP PHNE_13470
  Series 800
  ftp://ftp.itrc.hp.com/superseded_patches/hp-ux_patches/s800/10.X/PHNE_ 13470


• HP PHNE_13471
  Series 700
  ftp://ftp.itrc.hp.com/hp-ux_patches/s700/10.X/PHNE_13471

HP HP-UX 10.16

• HP PHKL_14242
  Series 700
  ftp://ftp.itrc.hp.com/hp-ux_patches/s700/10.X/PHKL_14242


• HP PHKL_14243
  Series 800
  ftp://ftp.itrc.hp.com/hp-ux_patches/s800/10.X/PHKL_14243

HP HP-UX 10.20

• HP PHNE_13468
  ftp://ftp.itrc.hp.com/superseded_patches/hp-ux_patches/s800/10.X/PHNE_ 13468

HP HP-UX (VVOS) 10.24

• HP PHNE_13888
  ftp://ftp.itrc.hp.com/superseded_patches/hp-ux_patches/s700/10.X/PHNE_ 13888


• HP PHNE_13889
  Series 800
  ftp://ftp.itrc.hp.com/superseded_patches/hp-ux_patches/s800/10.X/PHNE_ 13889

HP HP-UX 10.30

• HP PHNE_13671
  ftp://ftp.itrc.hp.com/superseded_patches/hp-ux_patches/s700_800/10.X/P HNE_13671

HP HP-UX 11.0

• HP PHNE_26771
  http://itrc.hp.com

FreeBSD FreeBSD 2.2.5

• FreeBSD land-22
  ftp://ftp.freebsd.org/pub/FreeBSD/CERT/patches/old/SA-98:01/land-22

SCO Open Server 5.0

• SCO sse010
  ftp://ftp.sco.COM/SSE/sse010.tar.Z