Filename: SE17B049.EXE For: WinFrame Version 1.7 Replaces: SE17B004 Language supported: English (US) NOTE: You must install Service Pack 5B before applying this hotfix. Description ----------- This hotfix for WinFrame 1.7 addresses the following issues and protects against the following attacks: (Land, Latierra, Teardrop and Boink.) 1. Corrects the problem where the Land Attack slows down a server for one minute. An attacker can keep this going indefinitely by sending the spoofed packet periodically and varying the TCP port. [From Hotfix SE17B049] 2. Corrects the problem where WinFrame 1.7 may stop responding (hang) with a STOP 0x0000000A or 0x00000019 message after receiving a number of deliberately corrupted UDP packets. This behavior occurs due to a variation of the "teardrop" attack. The modified teardrop attack works by sending pairs of deliberately constructed IP fragments which reassemble into an invalid UDP datagram. Overlapping offsets cause the second packet to overwrite data in the middle of the UDP header contained in the first packet in such a way that the datagrams are left incomplete. As WinFrame 1.7 receives these invalid datagrams, it allocates kernel memory. If enough of these invalid datagrams are received WinFrame 1.7 may hang with a STOP 0x0000000A or 0x00000019. [From Hotfix SE17B049] Installation Instructions for the SE17B049 Hotfix ------------------------------------------------- 1. Copy SE17B049.EXE to an empty directory on your hard disk and execute the command: SE17B049 2. Execute the following command to install the Hotfix on your system: HOTFIX /I 3. Shut down and restart your computer. Files Updated ------------- hotfix exe 58,816 07/13/98 15:08 tcpip sys 123,728 09/11/98 14:44