Wednesday, January 09, 2008

[NT] Vulnerabilities in Windows TCP/IP Allow Code Execution (MS08-001)

The following security advisory is sent to the securiteam mailing list, and can be found at the SecuriTeam web site: http://www.securiteam.com


SUMMARY

This critical security update resolves two privately reported
vulnerabilities in Transmission Control Protocol/Internet Protocol
(TCP/IP) processing. An attacker who successfully exploited this
vulnerability could take complete control of an affected system. An
attacker could then install programs; view, change, or delete data; or
create new accounts with full user rights.

This is a critical security update for all supported editions of Windows
XP and Windows Vista, an important security update for all supported
editions of Windows Server 2003, and a moderate security update for all
supported editions of Microsoft Windows 2000.

This security update addresses the vulnerability by modifying the way that
the Windows kernel processes TCP/IP structures that contain multicast and
ICMP requests.

DETAILS

Affected Software:
Each entry lists: operating system - maximum security impact - aggregate severity rating - bulletins replaced by this update.
* Microsoft Windows 2000 Service Pack 4 <http://www.microsoft.com/downloads/details.aspx?FamilyID=980f5457-c7b5-421c-8643-0e57429ec156> - Denial of Service - Moderate - MS06-032
* Windows XP Service Pack 2 <http://www.microsoft.com/downloads/details.aspx?FamilyID=0a766242-2342-4fa0-9b66-8953c54a2211> - Remote Code Execution - Critical - MS06-032
* Windows XP Professional x64 Edition and Windows XP Professional x64 Edition Service Pack 2 <http://www.microsoft.com/downloads/details.aspx?FamilyID=2e8bc7d5-fe81-4ed5-9efa-360738d160ee> - Remote Code Execution - Critical - MS06-032
* Windows Server 2003 Service Pack 1 and Windows Server 2003 Service Pack 2 <http://www.microsoft.com/downloads/details.aspx?FamilyID=fda060a5-9a1e-4036-9899-13eb61fdd8be> - Remote Code Execution - Important - MS06-032
* Windows Server 2003 x64 Edition and Windows Server 2003 x64 Edition Service Pack 2 <http://www.microsoft.com/downloads/details.aspx?FamilyID=19d993f9-06dd-4dc4-b0cc-c59e822eb8fa> - Remote Code Execution - Important - MS06-032
* Windows Server 2003 with SP1 for Itanium-based Systems and Windows Server 2003 with SP2 for Itanium-based Systems <http://www.microsoft.com/downloads/details.aspx?FamilyID=2c2264f7-ebbb-40ab-9dbf-9b4e313665a7> - Remote Code Execution - Important - MS06-032
* Windows Vista <http://www.microsoft.com/downloads/details.aspx?FamilyID=23c0e03a-db66-4618-bce0-af55e5c1b067> - Remote Code Execution - Critical - None
* Windows Vista x64 Edition <http://www.microsoft.com/downloads/details.aspx?FamilyID=5f6a37b1-c604-47c9-932f-485db2eda133> - Remote Code Execution - Critical - None

Windows Kernel TCP/IP/IGMPv3 and MLDv2 Vulnerability - CVE-2007-0069
A remote code execution vulnerability exists in the Windows kernel due to
the way that the Windows kernel handles TCP/IP structures storing the
state of IGMPv3 and MLDv2 queries. Supported editions of Microsoft Windows
XP, Windows Server 2003, and Windows Vista all support IGMPv3. In addition
to IGMPv3, Windows Vista supports MLDv2, which adds multicast support for
IPv6 networks. An anonymous attacker could exploit the vulnerability by
sending specially crafted IGMPv3 and MLDv2 packets to a computer over the
network. An attacker who successfully exploited this vulnerability could
take complete control of an affected system. An attacker could then
install programs; view, change, or delete data; or create new accounts
with full user rights.

CVE Information:
<http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0069>
CVE-2007-0069.

Windows Kernel TCP/IP/ICMP Vulnerability - CVE-2007-0066
A denial of service vulnerability exists in TCP/IP due to the way that
the Windows kernel processes fragmented router advertisement ICMP queries.
ICMP Router Discovery Protocol (RDP) is not enabled by default and is
required in order to exploit this vulnerability. However, on Windows Server
2003 and on Windows XP, RDP can be turned on by a setting in DHCP or by
a setting in the registry. On Windows 2000, RDP can be turned on by a
setting in the registry. An anonymous attacker could exploit the
vulnerability by sending specially crafted ICMP packets to a computer over
the network. An attacker who successfully exploited this vulnerability
could cause the computer to stop responding and automatically restart.

CVE Information:
<http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0066>
CVE-2007-0066.
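
An added example, not part of the Microsoft or SecuriTeam advisory: a minimal Python classifier a defender could run over raw IPv4 packets to spot the traffic classes named in the two CVE descriptions above (IGMPv3 messages and fragmented ICMP router advertisements) on segments that still hold unpatched hosts. It covers IPv4 only, so MLDv2 (ICMPv6) is out of scope; the function names, labels and sample packets are constructed for illustration.

```python
import struct

IPPROTO_ICMP, IPPROTO_IGMP = 1, 2
ICMP_ROUTER_ADVERT = 9     # RFC 1256 router advertisement
IGMP_QUERY = 0x11          # RFC 3376: an IGMPv3 query is >= 12 bytes
IGMP_V3_REPORT = 0x22

def classify(pkt: bytes) -> str:
    """Label one raw IPv4 packet (no link-layer header)."""
    if len(pkt) < 20 or pkt[0] >> 4 != 4:
        return "not-ipv4"
    ihl = (pkt[0] & 0x0F) * 4
    total_len, _ident, frag = struct.unpack("!HHH", pkt[2:8])
    if ihl < 20 or total_len < ihl or len(pkt) < ihl:
        return "malformed"
    more_frags, offset = bool(frag & 0x2000), (frag & 0x1FFF) * 8
    proto, payload = pkt[9], pkt[ihl:total_len]
    if proto == IPPROTO_ICMP:
        if offset:  # ICMP type is only visible in the first fragment
            return "icmp-fragment-nonfirst"
        if payload and payload[0] == ICMP_ROUTER_ADVERT:
            return "icmp-router-advert-fragmented" if more_frags else "icmp-router-advert"
    elif proto == IPPROTO_IGMP and not offset and payload:
        if payload[0] == IGMP_QUERY and len(payload) >= 12:
            return "igmpv3-query"
        if payload[0] == IGMP_V3_REPORT:
            return "igmpv3-report"
        return "igmp-other"
    return "other"

def ipv4(proto: int, payload: bytes, frag: int = 0) -> bytes:
    """Build a constructed sample packet (checksum left as 0, not validated)."""
    return struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(payload), 1, frag, 1,
                       proto, 0, bytes([192, 0, 2, 1]), bytes([224, 0, 0, 1])) + payload

# Constructed samples, not captured traffic.
ADVERT = struct.pack("!BBHBBH4sI", 9, 0, 0, 1, 2, 1800, bytes([192, 0, 2, 1]), 0)
SAMPLES = {
    "igmpv3 general query": ipv4(2, struct.pack("!BBH4sBBH", 0x11, 100, 0, bytes(4), 2, 125, 0)),
    "igmpv2 query": ipv4(2, struct.pack("!BBH4s", 0x11, 100, 0, bytes(4))),
    "router advert, MF set": ipv4(1, ADVERT, frag=0x2000),
    "router advert, whole": ipv4(1, ADVERT),
    "icmp later fragment": ipv4(1, bytes(8), frag=0x0002),
}

if __name__ == "__main__":
    for name, pkt in SAMPLES.items():
        print(f"{name:24} -> {classify(pkt)}")
```

Non-first ICMP fragments carry no ICMP header, so the classifier can only report them as fragments; identifying the message type for those requires reassembly upstream.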


ADDITIONAL INFORMATION

The information has been provided by Microsoft Product Security.
The original article can be found at:
<http://www.microsoft.com/technet/security/bulletin/ms08-001.mspx>