> Sender:  Bugtraq List <BUGTRAQ@NETSPACE.ORG>
> Subject:       "LAND" Attack Update
> To:  BUGTRAQ@NETSPACE.ORG
>
> This test where againts the "land" attack. This is _NOT_ about "teardrop".
>
> BSDI 2.1 (vanilla)                      IS  vulnerable
> BSDI 2.1 (K210-021,K210-022,K210-024)   NOT vulnerable
> BSDI 3.0                                NOT vulnerable
> Digital UNIX 4.0                        NOT vulnerable
> FreeBSD 2.2.2-RELEASE                   IS  vulnerable
> FreeBSD 2.2.5-RELEASE                   IS  vulnerable
> FreeBSD 2.2.5-STABLE                    IS  vulnerable
> FreeBSD 3.0-CURRENT                     IS  vulnerable
> HP-UX 10.20                             IS  vulnerable
> IRIX 6.2                                NOT vulnerable
> Linux 2.0.30                            NOT vulnerable
> Linux 2.0.32                            NOT vulnerable
> MacOS 8.0                               IS  vulnerable (TCP/IP stack crashed)
> NetBSD 1.2                              IS  vulnerable
  ^^^^^^^^^^                              ^^  ^^^^^^^^^^
> NeXTSTEP 3.0                            IS  vulnerable
> NeXTSTEp 3.1                            IS  vulnerable
> Novell 4.11                             NOT vulnerable
> OpenBSD 2.1                             IS  vulnerable
> OpenBSD 2.2 (Oct31)                     NOT vulnerable
> SCO OpenServer 5.0.4                    NOT vulnerable
> Solaris 2.5.1                           IS  vulnerable (conflicting reports)
> SunOS 4.1.4                             IS  vulnerable
> Windows 95 (vanilla)                    IS  vulnerable
> Windows 95 + Winsock 2 + VIPUPD.EXE     IS  vulnerable


I must have missed it...what is the "land" attack, and does anyone know if
NetBSD 1.3_ALPHA has been fixed?



Jeff Thieleke