Filename: SE17B049.EXE
For: WinFrame Version 1.7
Replaces: SE17B004
Language supported: English (US)


NOTE: You must install Service Pack 5B before applying this 
      hotfix.


Description
-----------
        This hotfix for WinFrame 1.7 addresses the following 
        issues and protects against the following attacks:
        (Land, Latierra, Teardrop and Boink.)

        1. Corrects the problem where the Land Attack slows down
           a server for one minute.  An attacker can keep this 
           going indefinitely by sending the spoofed packet 
           periodically and varying the TCP port.
           [From Hotfix SE17B049]
        2. Corrects the problem where WinFrame 1.7 may stop
           responding (hang) with a STOP 0x0000000A or 
           0x00000019 message after receiving a number of 
           deliberately corrupted UDP packets.

           This behavior occurs due to a variation of the 
           "teardrop" attack.  The modified teardrop attack
           works by sending pairs of deliberately constructed IP
           fragments which reassemble into an invalid UDP
           datagram.  Overlapping offsets cause the second 
           packet to overwrite data in the middle of the UDP 
           header contained in the first packet in such a way 
           that the datagrams are left incomplete.

           As WinFrame 1.7 receives these invalid datagrams, it
           allocates kernel memory.  If enough of these invalid
           datagrams are received WinFrame 1.7 may hang with a
           STOP 0x0000000A or 0x00000019.
           [From Hotfix SE17B049]



Installation Instructions for the SE17B049 Hotfix
-------------------------------------------------
1. Copy SE17B049.EXE to an empty directory on your hard disk and
   execute the command:

   SE17B049

2. Execute the following command to install the Hotfix on your
   system:

   HOTFIX /I

3. Shut down and restart your computer.


Files Updated
-------------
hotfix   exe    58,816 07/13/98  15:08
tcpip    sys   123,728 09/11/98  14:44

