Vulnerability Bulletins |
Desbordamiento de búfer en el driver de TCP/IP de Microsoft Windows |
|
Vulnerability classification |
|
Property | Value |
Confidence level | Oficial |
Impact | Obtener acceso |
Dificulty | Experto |
Required attacker level | Acceso remoto sin cuenta a un servicio estandar |
System information |
|
Property | Value |
Affected manufacturer | Microsoft |
Affected software |
Microsoft Windows 2000 Service Pack 4 Microsoft Windows XP Service Pack 1 Microsoft Windows XP Service Pack 2 Microsoft Windows XP Professional x64 Edition Microsoft Windows Server 2003 Microsoft Windows Server 2003 Service Pack 1 Microsoft Windows Server 2003 Itanium Microsoft Windows Server 2003 SP1 Itanium Microsoft Windows Server 2003 x64 Edition |
Description |
|
Se ha descubierto una vulnerabilidad de tipo desbordamiento de búfer en varias versiones de Microsoft Windows. La vulnerabilidad reside en un error en el driver del protocolo TCP/IP al manejar paqutes con "IP source routing". Un atacante remoto podría ejecutar código arbitrario. |
|
Solution |
|
Actualización de software Microsoft Microsoft Windows 2000 Service Pack 4 http://www.microsoft.com/downloads/details.aspx?FamilyId=305e208c-d75c-471b-9e57-30d01e320ad1 Microsoft Windows XP Service Pack 1, Microsoft Windows XP Service Pack 2 http://www.microsoft.com/downloads/details.aspx?FamilyId=b62abe8e-4735-4934-a66e-5b957986efbf Microsoft Windows XP Professional x64 Edition http://www.microsoft.com/downloads/details.aspx?FamilyId=44213900-9082-45dc-b514-31d38717fe89 Microsoft Windows Server 2003, Microsoft Windows Server 2003 Service Pack 1 http://www.microsoft.com/downloads/details.aspx?FamilyId=ea319c61-b405-41ab-9eee-d5b3488b90e0 Microsoft Windows Server 2003 Itanium, Microsoft Windows Server 2003 SP1 Itanium http://www.microsoft.com/downloads/details.aspx?FamilyId=cd8b88b5-f90f-4c0c-a5ad-3641751381c9 Microsoft Windows Server 2003 x64 Edition http://www.microsoft.com/downloads/details.aspx?FamilyId=cd8699bc-6760-4f0e-b8e0-2e7d89092ce8 |
|
Standar resources |
|
Property | Value |
CVE | CVE-2006-2379 |
BID | 18374 |
Other resources |
|
Microsoft Security Bulletin (MS06-032) http://www.microsoft.com/technet/security/Bulletin/MS06-032.mspx |
Version history |
||
Version | Comments | Date |
1.0 | Aviso emitido | 2006-06-14 |