Microsoft Windows IPv6 Remote Denial Of Service Vulnerability
Wednesday, 18 May 2005 by Michel Roth
A vulnerability was identified in Microsoft Windows XP and 2003, which could be exploited by remote attackers to cause a denial of service. This flaw resides in the Windows IPv6 TCP/IP stack when processing a specially crafted packet in which the SYN flag is set, and the source address and port are the same as the destination address and port (Land Attack). A remote attacker could exploit this vulnerability to cause a vulnerable system to crash.

Rated as : Low Risk
Remotely Exploitable : Yes
Locally Exploitable : Yes

An exploit is out in the wild so if this is applicable to you, be sure to patch... as soon as a patch is available...

Read the full advisory here.

Related Items:

Domain Name System (DNS) Protocol Denial Of Service Vulnerability (24 May 2005)
Security Updates Summary For May 2006 (9 May 2006)
Two Vulnerabilities In Presentation Server's IMA Service (9 November 2006)
Microsoft Security Updates For February (15 February 2006)
0-Day Microsoft Excel Unspecified Code Execution Vulnerability (19 June 2006)
Trend Micro Products AntiVirus Library Buffer Overflow (27 February 2005)
Wyse Winterm 1125SE IP Option Length Denial of Service (12 August 2005)
Exploits Already Out For New Microsoft Vulnerabilities (14 October 2005)
Patches For August, Some Exploits Are In the Wild (10 August 2005)
McAfee Antivirus Products LHA Archive Stack Overflow Vulnerability (18 March 2005)
Comments (0)add feed
Show/Hide comment formtoggle
password
 

busy