Summary
The host is running Microsoft Windows and is prone to remote code execution vulnerability.
Impact
Successful exploitation will allow attacker to cause a denial of service and possibly execute arbitrary code via crafted IP packets with malformed options.
Impact Level: System
Insight
The flaw is due to insufficient validation of IP options and can be exploited to cause a vulnerable system to stop responding and restart or may allow execution of arbitrary code by sending a specially crafted IP packet to a vulnerable system.
Affected
Microsoft Windows XP SP2 and prior.
Microsoft Windows 2000 Server SP4 and prior.
Run Windows Update and update the listed hotfixes or download and update mentioned hotfixes in the advisory from the below link, http://technet.microsoft.com/en-us/security/bulletin/ms05-019
References
Severity
Classification
-
CVE CVE-2004-0230, CVE-2004-0790, CVE-2004-1060, CVE-2005-0048, CVE-2005-0688 -
CVSS Base Score: 7.5
AV:N/AC:L/Au:N/C:P/I:P/A:P
Related Vulnerabilities
- Message Queuing Remote Code Execution Vulnerability (951071)
- Microsoft .NET Framework and Silverlight Remote Code Execution Vulnerability (2604930)
- Cumulative Security Update for Internet Explorer (933566)
- Microsoft Internet Explorer Multiple Memory Corruption Vulnerabilities (2879017)
- Microsoft Active Directory LDAP Remote Code Execution Vulnerability (969805)