Security

Microsoft Windows TCP/IP Stack Denial of Service Vulnerabilities

Description

Two vulnerabilities have been reported in Microsoft Windows, which can be exploited by malicious people to cause a DoS (Denial of Service).

1) An error in the TCP/IP stack (Tcpip.sys) when parsing received ICMP messages can be exploited to cause a system to stop responding or restart via a sequence of specially crafted ICMP messages.

2) An error in the TCP/IP stack (Tcpip.sys) when parsing URLs can be exploited to cause a system to stop responding or restart via a specially crafted URL request to a system serving web content with URL-based QoS (Quality of Service) enabled (disabled by default).

Solution

Apply patches.

Provided and/or discovered by
Reported by the vendor.

Original Advisory
MS11-064 (KB2563894):
http://www.microsoft.com/technet/security/bulletin/ms11-064.mspx

Source Advisory
http://secunia.com/advisories/45500/ 

Advertisements

1 thought on “Microsoft Windows TCP/IP Stack Denial of Service Vulnerabilities”

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s