Microsoft Windows IPv6 Remote Denial of Service Vulnerability
FrSIRT Advisory : FrSIRT/ADV-2005-0559
CVE Reference : GENERIC-MAP-NOMATCH
Rated as : Low Risk
Remotely Exploitable : Yes
Locally Exploitable : Yes
Release Date : 2005-05-17
* Technical Description *
A vulnerability was identified in Microsoft Windows XP and 2003, which could be exploited by remote attackers to cause a denial of service. This flaw resides in the Windows IPv6 TCP/IP stack when processing a specially crafted packet in which the SYN flag is set, and the source address and port are the same as the destination address and port (Land Attack). A remote attacker could exploit this vulnerability to cause a vulnerable system to crash.
Note : A variant of this vulnerability was initially fixed by Microsoft (MS05-019 / IPv4 Land Attack).
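Added example (not part of the original advisory): a detection check a filter or sensor could apply to a captured IPv6 packet to recognise the Land pattern described above, i.e. SYN set with source address and port equal to destination address and port. The function names, the sample builder, and the 2001:db8::/32 documentation addresses and ports are assumptions made for illustration; the check assumes TCP directly follows the fixed IPv6 header (no extension headers).

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define IPV6_HDR_LEN 40
#define TCP_MIN_HDR  20
#define NEXT_HDR_TCP 6
#define TCP_FLAG_SYN 0x02

/* Returns 1 if pkt (starting at the IPv6 header) matches the Land pattern:
 * TCP SYN whose source address/port equal its destination address/port.
 * Returns 0 otherwise, including truncated or non-TCP input.
 * Assumption: no IPv6 extension headers precede the TCP header. */
int is_ipv6_land_syn(const uint8_t *pkt, size_t len)
{
    if (pkt == NULL || len < IPV6_HDR_LEN + TCP_MIN_HDR) return 0;
    if ((pkt[0] >> 4) != 6) return 0;                 /* IP version field */
    if (pkt[6] != NEXT_HDR_TCP) return 0;             /* Next Header field */
    if (memcmp(pkt + 8, pkt + 24, 16) != 0) return 0; /* source vs destination address */
    const uint8_t *tcp = pkt + IPV6_HDR_LEN;
    if (memcmp(tcp, tcp + 2, 2) != 0) return 0;       /* source vs destination port */
    return (tcp[13] & TCP_FLAG_SYN) != 0;
}

/* Constructed sample input for the check: header fields only, zero checksum.
 * Source is 2001:db8::1 port 1025; destination is 2001:db8::<dst_last> port dport. */
size_t make_sample(uint8_t buf[60], uint8_t dst_last, uint16_t dport, uint8_t flags)
{
    static const uint8_t prefix[4] = {0x20, 0x01, 0x0d, 0xb8};
    memset(buf, 0, 60);
    buf[0] = 0x60; buf[6] = NEXT_HDR_TCP; buf[7] = 64; /* version, next header, hop limit */
    buf[5] = TCP_MIN_HDR;                              /* payload length */
    memcpy(buf + 8, prefix, 4);  buf[23] = 1;          /* source address */
    memcpy(buf + 24, prefix, 4); buf[39] = dst_last;   /* destination address */
    buf[40] = (uint8_t)(1025 >> 8);  buf[41] = (uint8_t)(1025 & 0xff);
    buf[42] = (uint8_t)(dport >> 8); buf[43] = (uint8_t)(dport & 0xff);
    buf[52] = 5 << 4; buf[53] = flags;                 /* data offset, TCP flags */
    return 60;
}

int main(void)
{
    uint8_t b[60];
    printf("land-shaped SYN: %d\n", is_ipv6_land_syn(b, make_sample(b, 1, 1025, 0x02)));
    printf("ordinary SYN:    %d\n", is_ipv6_land_syn(b, make_sample(b, 2, 80, 0x02)));
    return 0;
}
```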
* Affected Products *
Microsoft Windows XP
Microsoft Windows XP SP1
Microsoft Windows XP SP2
Microsoft Windows Server 2003
Microsoft Windows Server 2003 SP1
* Solution *
Filter the traffic with a firewall.
The FrSIRT is not aware of any official supplied patch for this issue.
* References *
http://www.frsirt.com/english/advisories/2005/0559
http://www.frsirt.com/exploits/20050517.LandIpV6.c.php
* Credits *
Vulnerability reported by Kondrad Malewski
* ChangeLog *
2005-05-17 : Original Advisory