Overview

Microsoft Windows 98 and 98 Second Edition Malformed IPX Ping Packet Vulnerability Patch eliminates a security vulnerability which could be used to cause an affected system to fail, and depending on the number of affected PCs on a network, flood it with superfluous data. The affected system component generally is present only if it has been deliberately installed. The Microsoft IPX/SPX protocol implementation (NWLink) supports the IPX (Internetwork Packet eXchange) Ping command via the diagnostic port 0x456. Because of a flaw in the implementation of the protocol in Windows 98 and 98 Second Edition, NWLink in these systems responds to an IPX ping packet even when the source network address has been purposely modified to a broadcast address. This could give a malicious user an opportunity to launch an attack by broadcasting a single ping request. Each affected PC that received the ping would respond to it, potentially resulting in a broadcast storm. In a large network, this could temporarily swamp the networkls bandwidth. Moreover, upon seeing its own response, each affected machine would attempt to process it, triggering a scenario that would culminate in the machinels failure. A machine that failed due to this vulnerability could be put back into service by rebooting it. IPX is not installed by default in Windows 98 and 98 Second Edition. Even when it is installed, malicious users' ability to exploit this vulnerability would depend on whether they could deliver a Ping packet to an affected machine. Routers frequently are configured to drop IPX packets, and if such a router lay between the malicious user and an affected machine, an attack could not be undertaken. As a rule, routers on the Internet do not forward IPX packets, protecting intranets from outside attack, as well as machines connected to the Internet via dial-up connections. The most likely scenario in which this vulnerability could be exploited would be by a malicious intranet user attacking affected machines on the same intranet, or malicious users on the Internet attacking affected machines on their cable modems or DSL subnets.

Licensing

Microsoft Windows 98 and 98 Second Edition Malformed IPX Ping Packet Vulnerability Patch represented in our directory as a Freeware product.

History & Statistics

Microsoft Windows 98 and 98 Second Edition Malformed IPX Ping Packet Vulnerability Patch v1.0 (167.0 KB) was first added to File Surgery on 19 January, 2009. It has been downloaded 80 times and has been reviewed 211 times.

OS Support

Related search requests

Actual Windows Manager - Advanced Encryption Plugin For Windows Explorer - Aidfile Recovery Software New Year Edition - AthTek NetWalk Enterprise Edition - AthTek NetWalk Free Edition - BitComet Acceleration Patch - BitTorrent Acceleration Patch - Bluetooth Windows - Brain App For Windows - CKZ Time Clock Free Edition