SecurityTracker.com
    Home    |    View Topics    |    Search    |    Contact Us    |   

SecurityTracker
Archives


 


Category:   Application (Firewall)  >   Microsoft Internet Connection Firewall (ICF) Vendors:   Microsoft
Microsoft Internet Connection Firewall Fails to Block IP Version 6 Protocol
SecurityTracker Alert ID:  1006844
SecurityTracker URL:  http://securitytracker.com/id/1006844
CVE Reference:   GENERIC-MAP-NOMATCH   (Links to External Site)
Date:  May 26 2003
Impact:   Host/resource access via network
Vendor Confirmed:  Yes  Exploit Included:  Yes  

Description:   A vulnerability was reported in Microsoft's Internet Connection Firewall (ICF) and Basic Firewall. The firewall software does not filter the IPv6 protocol.

Microsoft released Knowledge Base Article 306203 reporting that if Microsoft Internet Protocol version 6 (IPv6) is installed on Windows 2003 or Windows XP and either the ICF or the Basic Firewall is enabled, the firewall will not filter IPv6 traffic.

Microsoft reports that the firewall does filter Internet Protocol version 4 (IPv4) traffic.

Impact:   A remote user can send and receive IPv6 packets to and from the target host. The packets will not be blocked by the target host.
Solution:   No solution was available at the time of this entry.

Microsoft suggests that, as a workaround, you can "obtain firewall software that can filter and block IPv6 traffic."

The article does not indicate whether Microsoft plans to issue a fix or not. The source article is available at:

http://support.microsoft.com/default.aspx?scid=kb;EN-US;Q306203

More information on ICF is available in KB article 320855 (Description of the Windows XP Internet Connection Firewall), available at:

http://support.microsoft.com/default.aspx?scid=kb;EN-US;320855

Additional information on IPv6 is available at:

http://www.microsoft.com/windowsserver2003/technologies/ipv6/ipv6.mspx

Security information for IPv6 is available at:

http://www.microsoft.com/technet/prodtechnol/windowsserver2003/proddocs/entserver/sag_IP_v6_ovr_Security.asp

Vendor URL:  support.microsoft.com/default.aspx?scid=kb;EN-US;Q306203 (Links to External Site)
Cause:   Access control error
Underlying OS:  Windows (2003), Windows (XP)

Message History:   None.


 Source Message Contents

Subject:  Microsoft Knowledge Base Article - 306203


http://support.microsoft.com/default.aspx?scid=kb;EN-US;Q306203

Windows 2003, Windows XP

Microsoft released Knowledge Base Article 306203 reporting that the Internet Connection 
Firewall (ICF) and Basic Firewall do not block Internet Protocol version 6 network traffic.

If Microsoft Internet Protocol version 6 (IPv6) is installed on Windows 2003 or Windows XP 
and either the Internet Connection Firewall (ICF) or the Basic Firewall is enabled, the 
firewall will not filter IPv6 traffic.

Microsoft reports that the firewall does filter Internet Protocol version 4 (IPv4) traffic.

Microsoft suggests that, as a workaround, you can "obtain firewall software that can 
filter and block IPv6 traffic."

More information is available in KB article 320855 (Description of the Windows XP Internet 
Connection Firewall), available at:

http://support.microsoft.com/default.aspx?scid=kb;EN-US;320855

Additional information on IPv6 is available at:

http://www.microsoft.com/windowsserver2003/technologies/ipv6/ipv6.mspx

Security information for IPv6 is available at:

http://www.microsoft.com/technet/prodtechnol/windowsserver2003/proddocs/entserver/sag_IP_v6_ovr_Security.asp



 
 


Go to the Top of This SecurityTracker Archive Page





Home   |    View Topics   |    Search   |    Contact Us

This web site uses cookies for web analytics. Learn More

Copyright 2022, SecurityGlobal.net LLC