ID CVE-2007-0066
Summary The kernel in Microsoft Windows 2000 SP4, XP SP2, and Server 2003, when ICMP Router Discovery Protocol (RDP) is enabled, allows remote attackers to cause a denial of service via fragmented router advertisement ICMP packets that trigger an out-of-bounds read, aka "Windows Kernel TCP/IP/ICMP Vulnerability."
References
Vulnerable Configurations
  • cpe:2.3:a:microsoft:home_server
  • cpe:2.3:a:microsoft:small_business_server:2003:-:sp1
  • Microsoft Windows 2000 Service Pack 4
    cpe:2.3:o:microsoft:windows_2000:-:sp4
  • Microsoft Windows 2003 gold itanium
    cpe:2.3:o:microsoft:windows_2003_server:-:gold:itanium
  • Microsoft Windows 2003 Server Service Pack 1
    cpe:2.3:o:microsoft:windows_2003_server:-:sp1
  • Microsoft Windows 2003 Server Service Pack 2
    cpe:2.3:o:microsoft:windows_2003_server:-:sp2
  • Microsoft Windows 2003 Server Service Pack 2 Standard
    cpe:2.3:o:microsoft:windows_2003_server:-:sp2:standard
  • Microsoft Windows Server 2003
    cpe:2.3:o:microsoft:windows_server_2003
  • Microsoft Windows Server 2003 Service Pack 2
    cpe:2.3:o:microsoft:windows_server_2003:-:sp2
  • Microsoft Windows XP Service Pack 2
    cpe:2.3:o:microsoft:windows_xp:-:sp2
  • Microsoft Windows XP Service Pack 1 x64 (64-bit)
    cpe:2.3:o:microsoft:windows_xp:-:sp1:x64
  • Microsoft Windows XP Service Pack 2 x64 (64-bit)
    cpe:2.3:o:microsoft:windows_xp:-:sp2:x64
CVSS
Base: 7.1 (as of 09-01-2008 - 11:42)
Impact:
Exploitability:
Access
Vector NETWORK
Complexity MEDIUM
Authentication NONE
Impact
Confidentiality NONE
Integrity NONE
Availability COMPLETE
nessus via4
NASL family Windows : Microsoft Bulletins
NASL id SMB_NT_MS08-001.NASL
description The remote version of Windows contains a version of the TCP/IP protocol that does not properly parse IGMPv3, MLDv2 and ICMP structure. An attacker may exploit these flaws to execute code on the remote host.
last seen 2019-02-21
modified 2018-11-15
plugin id 29893
published 2008-01-08
reporter Tenable
source https://www.tenable.com/plugins/index.php?view=single&id=29893
title MS08-001: Vulnerabilities in Windows TCP/IP Could Allow Remote Code Execution (941644)
oval via4
accepted 2011-11-14T04:00:23.836-05:00
class vulnerability
contributors
  • name Sudhir Gandhe
    organization Secure Elements, Inc.
  • name Dragos Prisaca
    organization Gideon Technologies, Inc.
  • name Pooja Shetty
    organization SecPod Technologies
definition_extensions
  • comment Microsoft Windows 2000 SP4 or later is installed
    oval oval:org.mitre.oval:def:229
  • comment Microsoft Windows XP (x86) SP2 is installed
    oval oval:org.mitre.oval:def:754
  • comment Microsoft Windows XP Professional x64 Edition SP1 is installed
    oval oval:org.mitre.oval:def:720
  • comment Microsoft Windows Server 2003 SP1 (x86) is installed
    oval oval:org.mitre.oval:def:565
  • comment Microsoft Windows Server 2003 SP1 (x64) is installed
    oval oval:org.mitre.oval:def:4386
  • comment Microsoft Windows Server 2003 SP1 for Itanium is installed
    oval oval:org.mitre.oval:def:1205
  • comment Microsoft Windows XP x64 Edition SP2 is installed
    oval oval:org.mitre.oval:def:4193
  • comment Microsoft Windows Server 2003 SP2 (x86) is installed
    oval oval:org.mitre.oval:def:1935
  • comment Microsoft Windows Server 2003 SP2 (x64) is installed
    oval oval:org.mitre.oval:def:2161
  • comment Microsoft Windows Server 2003 (ia64) SP2 is installed
    oval oval:org.mitre.oval:def:1442
description The kernel in Microsoft Windows 2000 SP4, XP SP2, and Server 2003, when ICMP Router Discovery Protocol (RDP) is enabled, allows remote attackers to cause a denial of service via fragmented router advertisement ICMP packets that trigger an out-of-bounds read, aka "Windows Kernel TCP/IP/ICMP Vulnerability."
family windows
id oval:org.mitre.oval:def:5271
status accepted
submitted 2008-01-08T14:23:12
title Windows Kernel TCP/IP/ICMP Vulnerability
version 41
refmap via4
bid 27139
cert TA08-008A
hp
  • HPSBST02304
  • SSRT080003
iss 20070108 Multiple (3) Microsoft Windows TCP/IP Remote Code Execution and DoS Vulnerabilities
misc http://blogs.technet.com/swi/archive/2008/01/08/ms08-001-part-2-the-case-of-the-moderate-icmp-mitigations.aspx
ms MS08-001
sectrack 1019166
secunia 28297
vupen ADV-2008-0069
xf win-tcpip-icmp-dos(39254)
Last major update 28-03-2011 - 00:00
Published 08-01-2008 - 15:46
Last modified 26-02-2019 - 09:04