CVE-2007-0066 - The kernel in Microsoft Windows 2000 SP4, XP SP2, and Server 2003, when ICMP Router Discovery Protoc

CVE-2007-0066

Summary

The kernel in Microsoft Windows 2000 SP4, XP SP2, and Server 2003, when ICMP Router Discovery Protocol (RDP) is enabled, allows remote attackers to cause a denial of service via fragmented router advertisement ICMP packets that trigger an out-of-bounds read, aka "Windows Kernel TCP/IP/ICMP Vulnerability."

References

Vulnerable Configurations

cpe:2.3:o:microsoft:windows_2000:*:sp4:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_2000:*:sp4:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_xp:*:sp2:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_xp:*:sp2:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_server_2003:*:sp2:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_server_2003:*:sp2:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_2003_server:*:gold:itanium:*:*:*:*:*
cpe:2.3:o:microsoft:windows_2003_server:*:gold:itanium:*:*:*:*:*
cpe:2.3:o:microsoft:windows_xp:-:sp1:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_xp:-:sp1:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_xp:-:sp2:x64:*:*:*:*:*
cpe:2.3:o:microsoft:windows_xp:-:sp2:x64:*:*:*:*:*
cpe:2.3:a:microsoft:small_business_server:2003:*:sp1:*:*:*:*:*
cpe:2.3:a:microsoft:small_business_server:2003:*:sp1:*:*:*:*:*
cpe:2.3:a:microsoft:home_server:*:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:home_server:*:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_server_2003:*:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_server_2003:*:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_2003_server:*:sp1:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_2003_server:*:sp1:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_2003_server:*:sp2:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_2003_server:*:sp2:*:*:*:*:*:*

CVSS

Base:	7.1 (as of 13-09-2021 - 01:23)
Impact:
Exploitability:

CWE

NVD-CWE-Other

CAPEC

Access

Vector	Complexity	Authentication
NETWORK	MEDIUM	NONE

Impact

Confidentiality	Integrity	Availability
NONE	NONE	COMPLETE

cvss-vector via4

AV:N/AC:M/Au:N/C:N/I:N/A:C

oval via4

accepted

2011-11-14T04:00:23.836-05:00

class

vulnerability

contributors

name Sudhir Gandhe
organization Secure Elements, Inc.
name Dragos Prisaca
organization Gideon Technologies, Inc.
name Dragos Prisaca
organization Gideon Technologies, Inc.
name Dragos Prisaca
organization Gideon Technologies, Inc.
name Dragos Prisaca
organization Gideon Technologies, Inc.
name Dragos Prisaca
organization Gideon Technologies, Inc.
name Pooja Shetty
organization SecPod Technologies

definition_extensions

comment Microsoft Windows 2000 SP4 or later is installed
oval oval:org.mitre.oval:def:229
comment Microsoft Windows XP (x86) SP2 is installed
oval oval:org.mitre.oval:def:754
comment Microsoft Windows XP Professional x64 Edition SP1 is installed
oval oval:org.mitre.oval:def:720
comment Microsoft Windows Server 2003 SP1 (x86) is installed
oval oval:org.mitre.oval:def:565
comment Microsoft Windows Server 2003 SP1 (x64) is installed
oval oval:org.mitre.oval:def:4386
comment Microsoft Windows Server 2003 SP1 for Itanium is installed
oval oval:org.mitre.oval:def:1205
comment Microsoft Windows XP x64 Edition SP2 is installed
oval oval:org.mitre.oval:def:4193
comment Microsoft Windows Server 2003 SP2 (x86) is installed
oval oval:org.mitre.oval:def:1935
comment Microsoft Windows Server 2003 SP2 (x64) is installed
oval oval:org.mitre.oval:def:2161
comment Microsoft Windows Server 2003 (ia64) SP2 is installed
oval oval:org.mitre.oval:def:1442

description

family

windows

oval:org.mitre.oval:def:5271

status

accepted

submitted

2008-01-08T14:23:12

title

Windows Kernel TCP/IP/ICMP Vulnerability

version

refmap via4

bid	27139
cert	TA08-008A
hp	HPSBST02304 SSRT080003
iss	20070108 Multiple (3) Microsoft Windows TCP/IP Remote Code Execution and DoS Vulnerabilities
misc	http://blogs.technet.com/swi/archive/2008/01/08/ms08-001-part-2-the-case-of-the-moderate-icmp-mitigations.aspx
sectrack	1019166
secunia	28297
vupen	ADV-2008-0069
xf	win-tcpip-icmp-dos(39254)

Last major update

13-09-2021 - 01:23

Published

08-01-2008 - 20:46

Last modified

13-09-2021 - 01:23