Teardrop Attacks

This page explains the concept of a teardrop attack, the effect these attacks have on a system, and the operating systems that are vulnerable to this kind of attack. Older versions of Windows and Linux are vulnerable to teardrop attacks, including Windows 7 and Windows Vista.

A teardrop attack involves sending mangled IP fragments with overlapping, oversized payloads to the targeted machine. This can crash various operating systems because of a bug in their TCP/IP fragmentation reassembly code. Windows 3.1x, Windows 95 and Windows NT operating systems, as well as versions of Linux prior to versions 2.0.32 and 2.1.63, are vulnerable to this attack.

One of the fields in an IP header is the "fragment offset" field, indicating the starting position, or offset, of the data contained in a fragmented packet relative to the data in the original packet. If the sum of the offset and size of one fragmented packet differs from that of the next fragmented packet, the packets overlap. When this happens, a server vulnerable to teardrop attacks is unable to reassemble the packets, resulting in a DoS (denial-of-service) condition. This is a 'disruption' category cyber attack.
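A defender-side check for the overlap condition described above, as an added example that is not part of the original page: it parses raw IPv4 headers, groups fragments by datagram, and reports any fragment that starts before an earlier fragment of the same datagram ends. The function names, addresses and sample headers are constructed for illustration.

```python
import struct
from collections import defaultdict

IPV4 = "!BBHHHBBH4s4s"  # fixed 20-byte IPv4 header layout

def parse_fragment(header: bytes):
    """Return (datagram_key, start, end) for the data carried by one fragment."""
    ver_ihl, _tos, total_len, ident, flags_off, _ttl, proto, _csum, src, dst = \
        struct.unpack(IPV4, header[:20])
    ihl = (ver_ihl & 0x0F) * 4           # header length in bytes
    start = (flags_off & 0x1FFF) * 8     # fragment offset counts 8-byte units
    if total_len < ihl:
        raise ValueError("total length smaller than header length")
    return (src, dst, proto, ident), start, start + (total_len - ihl)

def find_overlaps(headers):
    """Report (ip_id, earlier_range, overlapping_range) per overlapping fragment."""
    flows = defaultdict(list)
    for h in headers:
        key, start, end = parse_fragment(h)
        flows[key].append((start, end))
    findings = []
    for key, ranges in flows.items():
        ranges.sort()
        widest = ranges[0]               # fragment reaching furthest so far
        for cur in ranges[1:]:
            if cur[0] < widest[1]:       # starts before earlier data ends
                findings.append((key[3], widest, cur))
            if cur[1] > widest[1]:
                widest = cur
    return findings

def sample_header(ident, offset_bytes, payload_len, more):
    """Constructed input: a 20-byte IPv4/UDP header, checksum left as 0."""
    flags_off = (0x2000 if more else 0) | (offset_bytes // 8)
    return struct.pack(IPV4, 0x45, 0, 20 + payload_len, ident, flags_off, 64,
                       17, 0, bytes([192, 0, 2, 1]), bytes([198, 51, 100, 2]))

# Constructed samples: datagram 0x1111 is contiguous, 0x2222 has an overlap.
SAMPLE_HEADERS = [
    sample_header(0x1111, 0, 1480, True),
    sample_header(0x1111, 1480, 520, False),
    sample_header(0x2222, 0, 64, True),
    sample_header(0x2222, 40, 16, False),
]

if __name__ == "__main__":
    for ident, first, second in find_overlaps(SAMPLE_HEADERS):
        print(f"IP ID {ident:#06x}: bytes {second} overlap {first}")
```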

Source: https://www.infosecpractice.com/2017/10/teardrop-cyber-attack.html
This work is licensed under a Creative Commons Attribution-NonCommercial-ShareAlike 4.0 License.

Last modified: Saturday, November 21, 2020, 5:49 PM