[Japanese]

JVNDB-2011-000064

Microsoft Windows XP vulnerable to denial-of-service (DoS)

Overview

Microsoft Windows XP contains a denial-of-service (DoS) vulnerability.

Microsoft Windows XP contains an issue when processing TCP packets, which may result in a denial-of-service (DoS).

HIRT (Hitachi Incident Response Team) reported this vulnerability to IPA.
JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.
CVSS Severity (What is CVSS?)

CVSS V2 Severity:
Base Metrics 4.3 (Medium) [IPA Score]
  • Access Vector: Network
  • Access Complexity: Medium
  • Authentication: None
  • Confidentiality Impact: None
  • Integrity Impact: None
  • Availability Impact: Partial
Affected Products


Microsoft Corporation
  • Microsoft Windows XP sp3

Impact

An attacker that can view the TCP communication of its target may cause a denial-of-service (DoS).
Solution

[Apply a workaround]
The following workaround may mitigate the affects of this vulnerability.

* Use a firewall to limit access to affected ports

According to the developer, the above workaround is the only solution for this vulnerability.
For more information, please refer to "References".
(https://jvn.jp/en/jp/JVN06924191/4953/index.html)
Vendor Information

Microsoft Corporation
CWE (What is CWE?)

  1. No Mapping(CWE-DesignError) [IPA Evaluation]
CVE (What is CVE?)

References

  1. JVN : JVN#06924191
Revision History

  • [2011/08/19]
      Web page published

Date Public2011/08/19
Date First Published2011/08/19
Date Last Updated2011/08/19