Content deleted Content added
→IP fragment too small: This is not an exploit itself, just a sign of one, so I adjusted the wording to better explain that. |
→IP fragment overlapped: combined IP fragment overlapped with IP fragment overwrite because they are the same. |
||
Line 145:
===IP fragment overlapped===
The IP fragment overlapped [[exploit (computer security)|exploit]] occurs when two fragments contained within the same IP datagram have offsets that indicate that they overlap each other in positioning within the datagram. This could mean that either fragment A is being completely overwritten by fragment B, or that fragment A is partially being overwritten by fragment B. Some operating systems do not properly handle fragments that overlap in this manner and may throw exceptions or behave in other undesirable ways upon receipt of overlapping fragments. This is the basis for the [[Teardrop attack|teardrop]] [[Denial of service]] attacks.
Overlapping fragments may also be used in an attempt to bypass Intrusion Detection Systems. In this exploit, part of an attack is sent in fragments along with additional random data; future fragments may overwrite the random data with the remainder of the attack. If the completed datagram is not properly reassembled at the IDS, the attack will go undetected.
=== IP fragmentation buffer full ===
| |||