Summary
This host is missing a critical security update according to Microsoft Bulletin MS07-038.
Impact
Successful exploitation allows remote attacker to bypass firewall settings and possibly obtain sensitive information about the system.
Impact Level: System/Application
Solution
Run Windows Update and update the listed hotfixes or download and update mentioned hotfixes in the advisory from the below link, http://www.microsoft.com/technet/security/bulletin/ms07-038.mspx
Insight
The flaw is due to an error in the handling of the Teredo transport mechanism resulting in network traffic being handled incorrectly though the Teredo interface. This may result in certain firewall rules being bypassed.
Affected
Microsoft Windows Vista.
References
Severity
Classification
-
CVE CVE-2007-3038 -
CVSS Base Score: 7.8
AV:N/AC:L/Au:N/C:C/I:N/A:N
Related Vulnerabilities
- Microsoft Internet Explorer Multiple Memory Corruption Vulnerabilities (2879017)
- Active Directory Could Allow Remote Code Execution Vulnerability (957280)
- Microsoft .NET Framework Open Data Protocol DOS Vulnerability (2769327)
- Microsoft .NET Framework Privilege Elevation Vulnerability (2958732)
- Microsoft .NET Framework Remote Code Execution Vulnerability (2745030)