| VID |
26135 |
| Severity |
40 |
| Port |
|
| Protocol |
TCP |
| Class |
SMB |
| Detailed Description |
The hotfix (MS05-019, KB893066) for 'Vulnerabilities in TCP/IP' seems not to have been installed. Microsoft Windows operating systems are vulnerable to remote code execution and denial of service vulnerabilities as follows:
1) IP Validation Vulnerability (CAN-2005-0048) : Remote Code Execution
2) ICMP Connection Reset Vulnerability (CAN-2004-0790) : Denial of Service
3) ICMP Path MTU Vulnerability (CAN-2004-1060) : Denial of Service
4) TCP Connection Reset Vulnerability (CAN-2004-0230) : Denial of Service
5) Spoofed Connection Request Vulnerability (CAN-2005-0688) : Denial of Service
A remote unauthenticated attacker who successfully exploited the most severe of these vulnerabilities could take complete control of an affected system.
* References:
http://www.microsoft.com/technet/security/bulletin/MS05-019.mspx
http://www.gont.com.ar/drafts/icmp-attacks-against-tcp.html
http://www.ietf.org/internet-drafts/draft-gont-tcpm-icmp-attacks-00.txt
http://www.niscc.gov.uk/niscc/docs/re-20050412-00303.pdf?lang=en
http://ietfreport.isoc.org/idref/draft-gont-tcpm-icmp-attacks/#page-13
http://www.kb.cert.org/vuls/id/415294
http://xforce.iss.net/xforce/alerts/id/170
http://archives.neohapsis.com/archives/bugtraq/2005-03/0098.html
* Platforms Affected:
Microsoft Windows 98, Me
Microsoft Windows 2000 Any version SP 4
Microsoft Windows XP Any version SP 2
Microsoft Windows XP 64-Bit Edition Service Pack 1
Microsoft Windows Server 2003 |
| Recommendation |
Apply the appropriate patch (KB893066) for your system, as listed in Microsoft Security Bulletin MS05-019 at http://www.microsoft.com/technet/security/bulletin/ms05-019.mspx
-- OR --
Patches for Windows platforms are also available from the Microsoft Windows Update Web site, http://windowsupdate.microsoft.com . Windows Update detects what version of Windows you are running and offers the appropriate patch. |
| Related URL |
CVE-2005-0048,CVE-2004-0790,CVE-2004-1060,CVE-2004-0230,CVE-2005-0688 (CVE) |
| Related URL |
13124,13116 (SecurityFocus) |
| Related URL |
19103,17170,18499,15886,19593 (ISS) |
|
