Windows.IGMP.Header.Invalid.B

description-logoDescription

This IGMP attack is a denial-of-service attack that affects Windows systems.
Fragmentation is the process of breaking down an IP datagram into smaller packets to be transmitted over a network and then reassembling them at the receiving end. Attackers can send fragmented IGMP packets to a target system running Windows. Fragmented ICMP packets may corrupt the TCP/IP stack to improperly gain access to invalid segments of the system memory, degrading the performance or hanging the target system.

affected-products-logoAffected Products

Any unprotected system running Windows 3.x, Windows 95 or Windows NT is vulnerable to the attack.

Impact logoImpact

The target system under the attack may be slowed down or stop responding.

recomended-action-logoRecommended Actions

Microsoft has released a series of patches, available at:
Windows 95: Patches are available via Windows Update
Windows 98: http://www.microsoft.com/windows98/downloads/corporate.asp />The following fixes are available:
Microsoft Windows NT Enterprise Server 4.0
Microsoft Q238329
ftp://ftp.microsoft.com/bussys/winnt/winnt-public/fixes/usa/nt40/hotfi xes-postsp5/igmp-fix/
Microsoft Windows NT Terminal Server 4.0 SP1
Microsoft Q238329
ftp://ftp.microsoft.com/bussys/winnt/winnt-public/fixes/usa/NT40TSE/ho tfixes-postSP4/IGMP-fix/
Microsoft Windows NT Enterprise Server 4.0 SP2
Microsoft Q238329
ftp://ftp.microsoft.com/bussys/winnt/winnt-public/fixes/usa/nt40/hotfi xes-postsp5/igmp-fix/
Microsoft Windows NT Server 4.0 SP3
Microsoft Q238329
ftp://ftp.microsoft.com/bussys/winnt/winnt-public/fixes/usa/nt40/hotfi xes-postsp5/igmp-fix/
Microsoft Windows NT Terminal Server 4.0
Microsoft Q238329
ftp://ftp.microsoft.com/bussys/winnt/winnt-public/fixes/usa/NT40TSE/ho tfixes-postSP4/IGMP-fix/
Microsoft Windows NT Terminal Server 4.0 SP3
Microsoft Q238329
ftp://ftp.microsoft.com/bussys/winnt/winnt-public/fixes/usa/NT40TSE/ho tfixes-postSP4/IGMP-fix/
Microsoft Windows NT Enterprise Server 4.0 SP3
Microsoft Q238329
ftp://ftp.microsoft.com/bussys/winnt/winnt-public/fixes/usa/nt40/hotfi xes-postsp5/igmp-fix/
Microsoft Windows NT Server 4.0 SP1
Microsoft Q238329
ftp://ftp.microsoft.com/bussys/winnt/winnt-public/fixes/usa/nt40/hotfi xes-postsp5/igmp-fix/
Microsoft Windows NT Workstation 4.0 SP5
Microsoft Q238329
ftp://ftp.microsoft.com/bussys/winnt/winnt-public/fixes/usa/nt40/hotfi xes-postsp5/igmp-fix/
Microsoft Windows NT Workstation 4.0
Microsoft Q238329
ftp://ftp.microsoft.com/bussys/winnt/winnt-public/fixes/usa/nt40/hotfi xes-postsp5/igmp-fix/
Microsoft Windows NT Enterprise Server 4.0 SP4
Microsoft Q238329
ftp://ftp.microsoft.com/bussys/winnt/winnt-public/fixes/usa/nt40/hotfi xes-postsp5/igmp-fix/
Microsoft Windows NT Workstation 4.0 SP2
Microsoft Q238329
ftp://ftp.microsoft.com/bussys/winnt/winnt-public/fixes/usa/nt40/hotfi xes-postsp5/igmp-fix/
Microsoft Windows NT Server 4.0
Microsoft Q238329
ftp://ftp.microsoft.com/bussys/winnt/winnt-public/fixes/usa/nt40/hotfi xes-postsp5/igmp-fix/
Microsoft Windows NT Enterprise Server 4.0 SP5
Microsoft Q238329
ftp://ftp.microsoft.com/bussys/winnt/winnt-public/fixes/usa/nt40/hotfi xes-postsp5/igmp-fix/
Microsoft Windows NT Workstation 4.0 SP3
Microsoft Q238329
ftp://ftp.microsoft.com/bussys/winnt/winnt-public/fixes/usa/nt40/hotfi xes-postsp5/igmp-fix/
Microsoft Windows NT Workstation 4.0 SP4
Microsoft Q238329
ftp://ftp.microsoft.com/bussys/winnt/winnt-public/fixes/usa/nt40/hotfi xes-postsp5/igmp-fix/
Microsoft Windows NT Terminal Server 4.0 SP2
Microsoft Q238329
ftp://ftp.microsoft.com/bussys/winnt/winnt-public/fixes/usa/NT40TSE/ho tfixes-postSP4/IGMP-fix/
Microsoft Windows NT Terminal Server 4.0 SP4
Microsoft Q238329
ftp://ftp.microsoft.com/bussys/winnt/winnt-public/fixes/usa/NT40TSE/ho tfixes-postSP4/IGMP-fix/
Microsoft Windows NT Server 4.0 SP5
Microsoft Q238329
ftp://ftp.microsoft.com/bussys/winnt/winnt-public/fixes/usa/nt40/hotfi xes-postsp5/igmp-fix/
Microsoft Windows NT Server 4.0 SP2
Microsoft Q238329
ftp://ftp.microsoft.com/bussys/winnt/winnt-public/fixes/usa/nt40/hotfi xes-postsp5/igmp-fix/
Microsoft Windows NT Workstation 4.0 SP1
Microsoft Q238329
ftp://ftp.microsoft.com/bussys/winnt/winnt-public/fixes/usa/nt40/hotfi xes-postsp5/igmp-fix/
Microsoft Windows NT Enterprise Server 4.0 SP1
Microsoft Q238329
ftp://ftp.microsoft.com/bussys/winnt/winnt-public/fixes/usa/nt40/hotfi xes-postsp5/igmp-fix/
Microsoft Windows NT Server 4.0 SP4
Microsoft Q238329
ftp://ftp.microsoft.com/bussys/winnt/winnt-public/fixes/usa/nt40/hotfi xes-postsp5/igmp-fix/

Telemetry logoTelemetry

Coverage

IPS (Regular DB)
IPS (Extended DB)