AppleShare IP 6 Web & File Update 1 is an Extension that eliminates the vulnerability of AppleShare IP 6 Web & File servers (versions 6.0 and 6.1) to a denial of service attack known as ΓÇ£WinnukeΓÇ¥. This patch protects all services in the Web & File server from this kind of attack, but such attacks are most common with Windows file sharing. The likelihood of experiencing a Winnuke attack is small - it requires a deliberate malicious action, and the attacker has to have some knowledge of your system. If your server is on the Internet, or you feel your system is vulnerable to such attacks, you should install this update. A ΓÇ£Winnuke AttackΓÇ¥ is a malicious attempt to crash a server by sending it data which it cannot handle. Specifically, a high-priority message is sent over TCP/IP (also called an ΓÇ£out of bandΓÇ¥ message) to the Windows file sharing port. Since priority messages are not a normal part of the Windows file sharing protocol (SMB), there is no established way to handle such messages, and the server considers this to be a fatal error. This update makes the server ignore all ΓÇ£out of bandΓÇ¥ messages, which will not affect ordinary operation and will prevent the server from interpreting such a message as a fatal error.
