Microsoft Windows Vista Teredo Interface Firewall Bypass Vulnerability Network Vulnerability

Summary

This host is missing a critical security update according to Microsoft Bulletin MS07-038.

Impact

Successful exploitation allows remote attacker to bypass firewall settings and possibly obtain sensitive information about the system. Impact Level: System/Application

Solution

Run Windows Update and update the listed hotfixes or download and update mentioned hotfixes in the advisory from the below link, http://www.microsoft.com/technet/security/bulletin/ms07-038.mspx

Insight

The flaw is due to an error in the handling of the Teredo transport mechanism resulting in network traffic being handled incorrectly though the Teredo interface. This may result in certain firewall rules being bypassed.

Affected

Microsoft Windows Vista.

References

http://secunia.com/advisories/26001
http://securitytracker.com/alerts/2007/Jul/1018354.html
http://www.microsoft.com/technet/security/bulletin/ms07-038.mspx

Updated on 2015-03-25

Severity

Classification

CVE CVE-2007-3038

CVSS	Base Score: 7.8 AV:N/AC:L/Au:N/C:C/I:N/A:N

Related Vulnerabilities

Microsoft Excel Remote Code Execution Vulnerability (956416)
Cumulative Security Update for Internet Explorer (937143)
Microsoft Internet Explorer Data Stream Handling Remote Code Execution Vulnerability (947864)
Active Directory Could Allow Remote Code Execution Vulnerability (957280)
Microsoft Data Analyzer ActiveX Control Vulnerability (978262)

Take action and discover your vulnerabilities