Code: p297 Severity: Warning
Description: A Land attack, named after the published exploit of that name, is an attack whereby a TCP SYN packet is sent with a spoofed source IP address and port number which matches that of the destination IP address and port. This causes some TCP implementations to go into a loop that crashes the machine. Impact: A large number of Unix and non-Unix systems. Check with your vendor for specific information. Corrective: Configure your Internet router or firewall to block incoming packets containing your organization's IP address as the source address. How to remove this vulnerability: Upgrade your operating system.
|
