A denial of service attack has been discovered that effects most operating systems. By creating a large number of TCP connections and leaving them in certain states, individual applications or the operating system itself can be starved or resources to the point of failure. This attack has been dubbed Naptha by BindView RAZOR and it effects all TCP ports. DEMONSTRATION Demonstration code has not been released but complete details on how Naptha works is available at the BindView RAZOR web site; http://razor.bindview.com/publish/advisories/adv_NAPTHA.html Or you can read the post to Win2K Security Advice here; http://www.windowsitsecurity.com/go/win2ks-l.asp?s=win2ksec VENDOR RESPONSE Microsoft has issued a security bulletin, MS00-091 and a patch that protects Netbios port 139 is available at; http://www.microsoft.com/Downloads/Release.asp?releaseID=25114 Other vendors have been notified but information on patches has yet to be released. CREDIT |
Windows NT and Windows 9x Vulnerable to Naptha DoS Attack
0 comments
Hide comments