PT-2006-1112 · Microsoft · Windows Xp+2

Dookie

Published

2006-02-14

Updated

2018-10-19

CVE-2006-0021

CVSS v2.0

7.8

High

Vector

AV:N/AC:L/Au:N/C:N/I:N/A:C

Name of the Vulnerable Software and Affected Versions: Microsoft Windows XP versions SP1 through SP2 Microsoft Windows Server 2003 versions up to SP1

Description: A denial of service issue exists, allowing remote attackers to cause the system to hang via an IGMP packet with an invalid IP option. An attacker could send a specially crafted IGMP packet to the affected system, causing it to stop responding.

Recommendations: For Microsoft Windows XP versions SP1 through SP2, apply the necessary configuration changes to restrict the handling of IGMP packets. For Microsoft Windows Server 2003 versions up to SP1, restrict access to the system to minimize the risk of exploitation until a fix is available. As a temporary workaround, consider disabling the handling of IGMP v3 packets until a patch is available.

Exploit

Fix

DoS

Buffer Overflow

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-119

Related Identifiers

CVE-2006-0021

Affected Products

Windows Server 2003

Windows Xp

Windows

PT-2006-1112 · Microsoft · Windows Xp+2

CVE-2006-0021

Weakness Enumeration

Related Identifiers

Affected Products

References · 28