Summary
The host is running Microsoft Windows and is prone to remote code execution vulnerability.
Impact
Successful exploitation will allow attacker to cause a denial of service and possibly execute arbitrary code via crafted IP packets with malformed options.
Impact Level: System
Insight
The flaw is due to insufficient validation of IP options and can be exploited to cause a vulnerable system to stop responding and restart or may allow execution of arbitrary code by sending a specially crafted IP packet to a vulnerable system.
Affected
Microsoft Windows XP SP2 and prior.
Microsoft Windows 2000 Server SP4 and prior.
Run Windows Update and update the listed hotfixes or download and update mentioned hotfixes in the advisory from the below link, http://technet.microsoft.com/en-us/security/bulletin/ms05-019
References
Severity
Classification
-
CVE CVE-2004-0230, CVE-2004-0790, CVE-2004-1060, CVE-2005-0048, CVE-2005-0688 -
CVSS Base Score: 7.5
AV:N/AC:L/Au:N/C:P/I:P/A:P
Related Vulnerabilities
- .NET JIT Compiler Vulnerability
- Microsoft DirectShow Remote Code Execution Vulnerability (977935)
- Microsoft .NET Framework and Microsoft Silverlight Remote Code Execution Vulnerabilities (2651026)
- Microsoft IIS FTP Service Remote Code Execution Vulnerabilities (975254)
- Microsoft .NET Framework Remote Code Execution Vulnerability (2693777)