Affects: Windows 95 (including OSR2), Windows NT 3.51, and Windows NT 4.0

Description of Bug:

This bug is a security hole in Windows that allows a malicious user to crash Windows 95 and Windows NT machines that are connected to a network. The attack occurs most commonly over the Internet.

A program was written (called TearDrop) that sends IP fragments to a Windows machine connected to the network. This program has also been shown to be able to crash Linux machines.

This attack exploits an overlapping IP fragment bug present in Windows 95 and Windows NT. When a Windows machine receives this attack, it is unable to handle the data and can exhibit behavior ranging from a lost Internet connection to the infamous blue screen of death. This bug has not been shown to cause any significant damage to systems, and a simple reboot is the preferred remedy. However, though non-destructive, this bug could cause possible problems if you have unsaved data in an open application when you are attacked, causing you to lose the data.

 

Available Fix(es):

Windows 95 and NT Users: This attack can be prevented by following the procedures on the WinFiles.com Attack-Proofing Procedures page.

CertifyEasily

Microsoft and Windows are registered trademarks of Microsoft Corporation. Microsoft Corporation in no way endorses or is affiliated with CertifyEasily. The products referenced in this site are provided by parties other than CertifyEasily. CertifyEasily makes no representations regarding either the products or any information about the products. Any questions, complaints, or claims regarding the products must be directed to the appropriate manufacturer or vendor.