Info

Disclosure

Mar 05, 2005

Discovery

Feb 25, 2005

Dates

Exploit

Mar 05, 2005

Solution

Unknown

Description

Microsoft Windows contains a flaw that may allow a remote denial of service. The issue is triggered when sending a TCP packet with the SYN flag set and the same destination and source address and port, which causes the system to consume all available CPU resources, resulting in a loss of availability.

Classification

Location: Remote / Network Access
Attack Type: Denial of Service
Impact: Loss of Availability
Exploit: Exploit Public
Disclosure: OSVDB Verified

Solution

Currently, there are no known workarounds or upgrades to correct this issue. However, Microsoft has released a patch to address this vulnerability.

Products

Microsoft Corporation	Windows	XP SP2
		XP x64 Version 2003
		ME
		98 SE
		2003 Server
		2000 SP3
		98
		XP SP1
		2000 SP4
		XP SP1 x64

References

Bugtraq ID: 13658
Secunia Advisory ID: 14512 22341
ISS X-Force ID: 19593
CVE ID: 2005-0688 (see also: NVD) 2005-1649 (see also: NVD)
SCIP VulDB ID: 2601
Related OSVDB ID: 29429 29430
CERT VU: 396645
Milw0rm: 861
Exploit Database: 861
Microsoft Knowledge Base Article: 893066 922819
VUPEN Advisory: ADV-2005-0559
Mail List Post: http://archives.neohapsis.com/archives/bugtraq/2005-03/0098.html
http://archives.neohapsis.com/archives/ntbugtraq/2005-q2/0061.html
Vendor URL: http://www.microsoft.com/
Microsoft Security Bulletin: MS05-019 MS06-064

Credit

Dejan Levaja - dejanlevaja.com -

Direct URL: http://osvdb.org/14578

Info

Disclosure

Discovery

Dates

Exploit

Solution

Description

Classification

Solution

Products

Microsoft Corporation

Windows

References

Credit