Out of Band (OOB) data denial of service

win-oob (173) The risk level is classified as MediumMedium Risk

Description:

By sending out-of-band data to port 139, an attacker can cause a Windows system to lose network capability and possibly crash.


Consequences:

Denial of Service

Remedy:

Apply the latest Windows NT Service Pack (SP4 or higher), available from the Microsoft Product Support Services Web site. See References.

— OR —

As an alternative, Windows NT 4.0 Service Pack 3 (SP3) users who choose not to upgrade to SP4 or higher should apply the post-SP3 teardrop2-fix as listed in Microsoft Knowledge Base Article Q179129. See References. (The teardrop2 patch supersedes the OOB patch. Do not apply the oob-fix unless there is a specific reason to do so in your environment.)

For SCO OpenServer 5.0:
Apply System Security Enhancement patch SSE010, as listed in SCO Security Bulletin 98:01. See References.

References:

Platforms Affected:

  • Apple Mac OS
  • Cisco IOS
  • Compaq Tru64
  • Data General DG/UX
  • HP HP-UX
  • IBM AIX
  • IBM OS2
  • Linux Kernel
  • Microsoft Windows 95
  • Microsoft Windows 98
  • Microsoft Windows 98SE
  • Microsoft Windows NT 4.0
  • Novell NetWare
  • SCO SCO OpenServer 5.0
  • SCO SCO Unix
  • SGI IRIX
  • Sun Solaris
  • WindRiver BSDOS

Reported:

May 14, 1997

The information within this database may change without notice. Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. In no event shall the author/distributor (IBM Internet Security Systems X-Force) be held liable for any damages whatsoever arising out of or in connection with the use or spread of this information.

For corrections or additions please email xforce@iss.net

Return to the main page