SecurityTracker.com
    Home    |    View Topics    |    Search    |    Contact Us    |   

SecurityTracker
Archives


 


Category:   OS (Microsoft)  >   Windows TCP/IP Stack Vendors:   Microsoft
Windows TCP/IP Stack Flaws Let Remote Users Deny Service
SecurityTracker Alert ID:  1025900
SecurityTracker URL:  http://securitytracker.com/id/1025900
CVE Reference:   CVE-2011-1871, CVE-2011-1965   (Links to External Site)
Date:  Aug 9 2011
Impact:   Denial of service via network
Fix Available:  Yes  Vendor Confirmed:  Yes  
Version(s): Vista SP2, 2008 SP2, 7 SP1, 2008 R2 SP1; and prior service packs
Description:   Two vulnerabilities were reported in the Windows TCP/IP Stack. A remote user can cause denial of service conditions.

A remote user can send a series of specially crafted ICMP message to cause the target system to stop responding and automatically restart [CVE-2011-1871].

A remote user can send a specially crafted URL to a web service that uses URL-based QoS to cause the target system to stop responding and automatically restart [CVE-2011-1965].

Impact:   A remote user can cause the target system to stop responding and automatically restart.
Solution:   The vendor has issued the following fixes:

Windows Vista Service Pack 2:

http://www.microsoft.com/downloads/details.aspx?familyid=114C2835-921A-4D3E-BE91-DFD217FD26A9

Windows Vista x64 Edition Service Pack 2:

http://www.microsoft.com/downloads/details.aspx?familyid=0FCEE476-8D7E-49A7-B6EA-89043304A653

Windows Server 2008 for 32-bit Systems Service Pack 2:

http://www.microsoft.com/downloads/details.aspx?familyid=C01D9132-AF5F-4039-8195-95F6761F2D0E

Windows Server 2008 for x64-based Systems Service Pack 2:

http://www.microsoft.com/downloads/details.aspx?familyid=70797ADB-D693-4102-9E7C-BA1EA8FB07D0

Windows Server 2008 for Itanium-based Systems Service Pack 2:

http://www.microsoft.com/downloads/details.aspx?familyid=9BABF81A-8B21-42AE-A65C-F414793516AB

Windows 7 for 32-bit Systems and Windows 7 for 32-bit Systems Service Pack 1:

http://www.microsoft.com/downloads/details.aspx?familyid=814BBDFA-7CBC-40E5-8CA3-8FED9D13FF00

Windows 7 for x64-based Systems and Windows 7 for x64-based Systems Service Pack 1:

http://www.microsoft.com/downloads/details.aspx?familyid=085EE785-B6AD-4C68-835A-E17BC8F12A53

Windows Server 2008 R2 for x64-based Systems and Windows Server 2008 R2 for x64-based Systems Service Pack 1:

http://www.microsoft.com/downloads/details.aspx?familyid=9FD2B4BA-D98E-4AD6-99F2-C471335042D3

Windows Server 2008 R2 for Itanium-based Systems and Windows Server 2008 R2 for Itanium-based Systems Service Pack 1:

http://www.microsoft.com/downloads/details.aspx?familyid=93752C8F-5461-4E6F-9CAB-6401B985EF17

A restart is required.

The Microsoft advisory is available at:

http://www.microsoft.com/technet/security/bulletin/ms11-064.mspx

Vendor URL:  www.microsoft.com/technet/security/bulletin/ms11-064.mspx (Links to External Site)
Cause:   State error

Message History:   None.


 Source Message Contents



[Original Message Not Available for Viewing]


Go to the Top of This SecurityTracker Archive Page





Home   |    View Topics   |    Search   |    Contact Us

This web site uses cookies for web analytics. Learn More

Copyright 2019, SecurityGlobal.net LLC