Security-Alerts mailing list archive (security-alerts@yandex-team.ru)
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[security-alerts] FW: [SA28297] Microsoft Windows TCP/IP Implementation Vulnerabilities
>
> TITLE:
> Microsoft Windows TCP/IP Implementation Vulnerabilities
>
> SECUNIA ADVISORY ID:
> SA28297
>
> VERIFY ADVISORY:
> http://secunia.com/advisories/28297/
>
> CRITICAL:
> Moderately critical
>
> IMPACT:
> DoS, System access
>
> WHERE:
> From remote
>
> OPERATING SYSTEM:
> Microsoft Windows XP Professional
> http://secunia.com/product/22/
> Microsoft Windows XP Home Edition
> http://secunia.com/product/16/
> Microsoft Windows Vista
> http://secunia.com/product/13223/
> Microsoft Windows Storage Server 2003
> http://secunia.com/product/12399/
> Microsoft Windows Server 2003 Web Edition
> http://secunia.com/product/1176/
> Microsoft Windows Server 2003 Standard Edition
> http://secunia.com/product/1173/
> Microsoft Windows Server 2003 Enterprise Edition
> http://secunia.com/product/1174/
> Microsoft Windows Server 2003 Datacenter Edition
> http://secunia.com/product/1175/
> Microsoft Windows 2000 Advanced Server
> http://secunia.com/product/21/
> Microsoft Windows 2000 Datacenter Server
> http://secunia.com/product/1177/
> Microsoft Windows 2000 Professional
> http://secunia.com/product/1/
> Microsoft Windows 2000 Server
> http://secunia.com/product/20/
>
> DESCRIPTION:
> Two vulnerabilities have been reported in Microsoft Windows, which
> can be exploited by malicious people to cause a DoS (Denial of
> Service) or compromise a vulnerable system.
>
> 1) An error in the kernel's TCP/IP implementation (tcpip.sys) when
> handling IGMPv3 and MLDv2 queries can be exploited to crash the
> system and potentially execute arbitrary code via a specially crafted
> IGMPv3 or MLDv2 packet.
>
> NOTE: This vulnerability does not affect systems running Windows
> 2000.
>
> 2) An error in the kernel's TCP/IP implementation (tcpip.sys) when
> handling fragmented router advertisement ICMP queries can be
> exploited to cause the system to stop responding via a specially
> crafted ICMP query.
>
> Successful exploitation requires that Router Discovery Protocol (RDP)
> is enabled (disabled by default).
>
> NOTE: This vulnerability does not affect systems running Windows
> Vista.
>
> SOLUTION:
> Apply patches.
>
> Windows 2000 SP4:
> http://www.microsoft.com/downloads/details.aspx?FamilyID=980f5
> 457-c7b5-421c-8643-0e57429ec156
>
> Windows XP SP2:
> http://www.microsoft.com/downloads/details.aspx?FamilyID=0a766
242-2342-4fa0-9b66-8953c54a2211
>
> Windows XP Professional x64 Edition (optionally with SP2):
> http://www.microsoft.com/downloads/details.aspx?FamilyID=2e8bc
> 7d5-fe81-4ed5-9efa-360738d160ee
>
> Windows Server 2003 SP1/SP2:
> http://www.microsoft.com/downloads/details.aspx?FamilyID=fda06
0a5-9a1e-4036-9899-13eb61fdd8be
>
> Windows Server 2003 x64 Edition (optionally with SP2):
> http://www.microsoft.com/downloads/details.aspx?FamilyID=19d99
> 3f9-06dd-4dc4-b0cc-c59e822eb8fa
>
> Windows Server 2003 with SP1/SP2 for Itanium-based systems:
> http://www.microsoft.com/downloads/details.aspx?FamilyID=2c226
> 4f7-ebbb-40ab-9dbf-9b4e313665a7
>
> Windows Vista:
> http://www.microsoft.com/downloads/details.aspx?FamilyID=23c0e
> 03a-db66-4618-bce0-af55e5c1b067
>
> Windows Vista x64 Edition:
> http://www.microsoft.com/downloads/details.aspx?FamilyID=5f6a3
> 7b1-c604-47c9-932f-485db2eda133
>
> PROVIDED AND/OR DISCOVERED BY:
> The vendor credits Alex Wheeler and Ryan Smith, IBM Internet Security
> Systems X-Force.
>
> ORIGINAL ADVISORY:
> MS08-001 (KB941644):
> http://www.microsoft.com/technet/security/Bulletin/MS08-001.mspx
>
>
|