TCP/IP 'Chorusing' Windows DoS

This script is Copyright (C) 1999-2011 Tenable Network Security, Inc.

Synopsis :

The remote OS may facilitate a denial of service attack.

Description :

Microsoft Windows 95 and 98 clients have the ability
to bind multiple TCP/IP stacks on the same MAC address,
simply by having the protocol added more than once
in the Network Control panel.

The remote host has several TCP/IP stacks with the
same IP bound on the same MAC address. As a result,
it will reply several times to the same packets,
such as by sending multiple ACK to a single SYN,
creating noise on your network. If several hosts
behave the same way, then your network will be
brought down.

Solution :

Remove all the IP stacks except one in the remote

Risk factor :

Medium / CVSS Base Score : 5.7
CVSS Temporal Score : 5.7
Public Exploit Available : true

Family: Denial of Service

Nessus Plugin ID: 10276 ()

Bugtraq ID: 225

CVE ID: CVE-1999-1201

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now