Microsoft Windows IPv6 Remote Denial of Service Vulnerability

Title : Microsoft Windows IPv6 Remote Denial of Service Vulnerability
VUPEN ID : VUPEN/ADV-2005-0559
CVE ID : CVE-2005-1649
CWE ID : CWE-
Rated as : Low Risk
Remotely Exploitable : Yes
Locally Exploitable : Yes
Release Date : 2005-05-17

A vulnerability was identified in Microsoft Windows XP and 2003, which could be exploited by remote attackers to cause a denial of service. This flaw resides in the Windows IPv6 TCP/IP stack when processing a specially crafted packet in which the SYN flag is set, and the source address and port are the same as the destination address and port (Land Attack). A remote attacker could exploit this vulnerability to cause a vulnerable system to crash.
Note : A variant of this vulnerability was initially fixed by Microsoft (MS05-019 / IPv4 Land Attack).
Update : This vulnerability is NOT related to Microsoft Security Advisory (899480) or VUPEN/ADV-2005-0567
Affected Products
Microsoft Windows XP
Microsoft Windows XP SP1
Microsoft Windows XP SP2
Microsoft Windows Server 2003
Microsoft Windows Server 2003 SP1
Solution
Filter the traffic with a firewall.
VUPEN Security is not aware of any vendor-supplied patch.
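The filtering recommended above comes down to a per-packet check for the Land pattern described in this advisory. The following is an added example, not part of the VUPEN advisory or any vendor code: a Python check that a filter or IDS sensor could apply to raw IPv6 packets. The function names and the 2001:db8:: sample addresses are constructed for illustration.

```python
import ipaddress
import struct

TCP = 6
SYN = 0x02
# Extension headers laid out as (next header, length in 8-octet units, ...).
EXT_HEADERS = {0, 43, 60}  # hop-by-hop, routing, destination options


def is_ipv6_land_syn(packet: bytes) -> bool:
    """True if a raw IPv6 packet matches the Land pattern from the advisory:
    SYN set, source address == destination address, source port == destination port."""
    if len(packet) < 40 or packet[0] >> 4 != 6:
        return False  # not a complete IPv6 fixed header
    next_header = packet[6]
    src, dst = packet[8:24], packet[24:40]
    offset = 40
    # Walk simple extension headers so they cannot hide the TCP header.
    while next_header in EXT_HEADERS:
        if len(packet) < offset + 8:
            return False
        next_header, hdr_len = packet[offset], packet[offset + 1]
        offset += (hdr_len + 1) * 8
    if next_header != TCP or len(packet) < offset + 14:
        return False
    sport, dport = struct.unpack_from("!HH", packet, offset)
    flags = packet[offset + 13]
    return src == dst and sport == dport and bool(flags & SYN)


def build_sample(src: str, dst: str, sport: int, dport: int, flags: int) -> bytes:
    """Constructed test input: IPv6 fixed header + 20-byte TCP header (checksum left 0)."""
    tcp = struct.pack("!HHIIBBHHH", sport, dport, 0, 0, 5 << 4, flags, 8192, 0, 0)
    ip6 = struct.pack("!IHBB", 6 << 28, len(tcp), TCP, 64)
    ip6 += ipaddress.IPv6Address(src).packed + ipaddress.IPv6Address(dst).packed
    return ip6 + tcp


if __name__ == "__main__":
    # Constructed samples (documentation prefix 2001:db8::/32), not captured traffic.
    samples = {
        "land pattern": build_sample("2001:db8::10", "2001:db8::10", 135, 135, SYN),
        "ordinary SYN": build_sample("2001:db8::99", "2001:db8::10", 49152, 135, SYN),
    }
    for name, pkt in samples.items():
        print(f"{name}: {'DROP' if is_ipv6_land_syn(pkt) else 'pass'}")
```

A legitimate packet never arrives from the network carrying the receiver's own address as its source, so dropping on this match does not affect normal traffic.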
References
http://www.vupen.com/english/advisories/2005/0559
http://www.frsirt.com/exploits/20050517.LandIpV6.c.php
Credits
Vulnerability reported by Konrad Malewski
ChangeLog
2005-05-17 : Initial release
2005-05-18 : Added information regarding MS 899480