•
•
•
•
•
•
•
•The
“Teardrop” attack affects mostly Linux and Win95/NT hosts (among others).
It sends a 2-fragment IP packet, with one
fragment too small.
This causes IP
stacks to overwrite a large amount of memory and crash.
•The
“Bonk” and “Boink” attacks reverse the “Teardrop” attack in that they set a
fragment offset larger than the packet size.
These exploits affect Windows machines.
“Bonk” attacks only port 53 on these machines, which isn’t
always open.
“Boink” was released in
order to send the attack packets to a range of ports, in order to make the
attack more usable.
•The “NewTear” attack affects Windows machines as
well.
It is simply a modified version
of “Teardrop” which changes padding length and increases the UDP header length
field to twice the size of the packet.
•The “Ping of Death” attack
affects many IP stacks, sending a fragmented packet which, when reassembled,
is larger than 65536 bytes.
This
causes an IP stack not protecting against the attack to overwrite the buffer
used to reassemble the packet.