Microsoft Windows 95 Security Patch: 'Malformed IPX NMPI Packet' VulnerabilityThe Microsoft IPX/SPX protocol implementation (NWLink) includes an NMPI (Name Management Protocol on IPX) listener that will reply to any requesting network address. The NMPI listener software does no | |
Download |
Microsoft Windows 95 Security Patch: 'Malformed IPX NMPI Packet' Vulnerability Ranking & Summary
Advertisement
Microsoft Windows 95 Security Patch: 'Malformed IPX NMPI Packet' Vulnerability Tags
- Finger protocol implementation protocol HDMP protocol YMSG protocol Authentication Protocol Network Protocol nmdc protocol listener frequecy listener Identity Protocol RTMPE protocol Internet Protocol Address transport protocol port listener Network Protocol Reader Read Protocol protocol emulation Stun protocol tone listener MRIM protocol implement MRIM protocol MRIM protocol implementation IPX packets IPX Gadu-Gadu protocol RTMPT protocol analyze protocol radio listener protocol map ringtone listener Who Is protocol implement FIC protocol FIX protocol implementation port 3380 listener response protocol OSC protocol annotation listener Swing listener replacement Swing listener TUIO protocol build listener cyanchat protocol SVDR Protocol music collection listener protocol independent Ethernet Protocol podcast listener spx .NET protocol implementation protocol implementation UDP Protocol Networking protocol conver protocol test protocol URI protocol cochlear implant listener Microsoft Messenger Protocol network simplex implementation protocol kernel EMI protocol Event-Listener Framework event listener XA protocol implementation XA protocol Multicast Protocol network protocol tester test network protocol rsync protocol protocol software protocol decode Address Resolution Protocol protocol sop
Microsoft Windows 95 Security Patch: 'Malformed IPX NMPI Packet' Vulnerability Description
The Microsoft IPX/SPX protocol implementation (NWLink) includes an NMPI (Name Management Protocol on IPX) listener that will reply to any requesting network address. The NMPI listener software does not filter the requesting computer's network address correctly, and will therefore reply to a network broadcast address. Such a reply would in turn cause other IPX NMPI listener programs to also reply. This sequence of broadcast replies could generate a large amount of unnecessary network traffic. A machine that crashed due to this vulnerability could be put back into service by rebooting.IPX is only installed by default in Windows 95 if there is a network card present in the machine at installation time. Even when IPX is installed, a malicious user?s ability to exploit this vulnerability would depend on whether he could deliver a malformed NMPI packet to an affected machine. Routers frequently are configured to drop IPX packets, and if such a router lay between the malicious user and an affected machine, he could not attack it. Routers on the Internet, as a rule, do not forward IPX packets, and this would tend to protect intranets from outside attack, as well as protecting machines connected to the Internet via dial-up connections. The most likely scenario in which this vulnerability could be exploited would be one in which a malicious user on an intranet would attack affected machines on the same intranet, or one in which a malicious user on the Internet attacked affected machines on his cable modem or DSL subnet.
Microsoft Windows 95 Security Patch: 'Malformed IPX NMPI Packet' Vulnerability Related Software