TIP: Invalid Identify Response
This signature detects an invalid response to an IDENTIFY command. An IDENTIFY command should be responded with an IDENTIFIED response. A malformed response to an IDENTIFY command can, on certain implementations of TIP, cause the serving process to hang, creating a Denial of Service (DoS). This signature is configured to monitor typical TIP ports. For maximum coverage, the port range needs to be expanded to cover all ports allowed for TIP on your TIP servers.
Extended Description
Distributed Transaction Controller in Microsoft Windows allows remote servers to cause a denial of service (MSDTC service hang) via a crafted Transaction Internet Protocol (TIP) message that causes DTC to repeatedly connect to a target IP and port number after an error occurs, aka the "Distributed TIP Vulnerability."
Affected Products
Microsoft windows_2000
Short Name
TIP:INV-IDENTIFY-RESP
Severity
Minor
Recommended
False
Recommended Action
None
Category
TIP
Keywords
CVE-2005-1980 Identify Invalid Response bid:15059
Release Date
10/11/2005
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3761
Port
TCP/3372,8086
False Positive
Unknown
Vendors
Microsoft
CVSS Score
5.0