Overview
A vulnerability in Microsoft Windows could allow a remote attacker to execute arbitrary code on a vulnerable system.
Description
Source routing is a technique to determine the network route for a packet based on information supplied by the sender in the IP packet. The TCP/IP driver in some versions of Microsoft Windows contains a buffer overflow in the handling of packets with source routing information. The driver fails to validate the length of a message before it is passed to an allocated buffer. Microsoft states that IP packets containing IP source route options 131 and 137 could be used to initiate a connection with the affected components. |
Impact
A remote attacker with the ability to supply a specially crafted packet may be able to execute arbitrary code on an affected system. The attacker-supplied code would be executed with kernel privileges. |
Solution
Apply a patch Microsoft has published patches for this issue in Microsoft Security Bulletin MS06-032. Users are encouraged to review this bulletin and apply the patches it refers to. |
Workarounds
|
Vendor Information
CVSS Metrics
| Group | Score | Vector |
|---|---|---|
| Base | ||
| Temporal | ||
| Environmental |
References
Acknowledgements
Thanks to Microsoft Security for reporting this vulnerability. Microsoft, in turn, credits Andrey Minaev with reporting this vulnerability to them.
This document was written by Chad R Dougherty.
Other Information
| CVE IDs: | CVE-2006-2379 |
| Severity Metric: | 38.27 |
| Date Public: | 2006-06-13 |
| Date First Published: | 2006-06-13 |
| Date Last Updated: | 2006-06-13 19:26 UTC |
| Document Revision: | 7 |