| Check Point Reference: |
CPAI-2006-019 |
| Date Published: |
16 Feb 2006 |
| Severity: |
High
|
| Last Updated: |
Monday 07 May, 2007 |
| Source: |
Microsoft Security Bulletin MS06-007 |
| Industry Reference: | CVE-2006-0021 |
| Protection Provided by: |
|
| Who is Vulnerable? | Microsoft Windows XP SP1/SP2
Microsoft Windows XP Professional x64 Edition
Microsoft Windows Server 2003
Microsoft Windows Server 2003 SP1
Microsoft Windows Server 2003 for Itanium-based Systems
Microsoft Windows Server 2003 x64 Edition |
| Vulnerability Description |
A denial of service vulnerability exists in the handling of IGMPv3 (Internet Group Management Protocol). IGMP is a routing protocol used by hosts and routers to dynamically register and discover multicast group memberships. By sending a specially crafted IGMP packet, a remote attacker could stop the affected system to stop responding. |
| Update/Patch Avaliable | Microsoft has released a patch for this vulnerability. For the patch, refer to http://www.microsoft.com/technet/security/Bulletin/MS06-007.mspx. |
| Vulnerability Details | The vulnerability is due to an error when processing specially crafted IGMP (Internet Group Management Protocol) packets. Note that the vulnerability would not allow an attacker to execute code or to elevate their user rights, but it could cause the affected system to stop accepting requests. |
Feedback