漏洞标题
N/A
漏洞描述信息
**争议性** Microsoft Windows NT 4.0、Windows 2000、Windows XP和Windows Small Business Server 2003允许远程攻击者通过连续的 packets(TCP 135端口)在TCP头部校验和(IP栈挂起)方面展示不正确的TCP头部元数据以及某些TCP头部字段中的随机数,如Achilles Windows Attack Tool所示。注:研究者报告,Microsoft Security Response Center表示:“我们的调查包括代码审查,TCPDump的审查,以及在多个Windows操作系统的多个全新安装上尝试重现该问题,但都没有得到确认。”
CVSS信息
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
漏洞类别
N/A
漏洞标题
N/A
漏洞描述信息
Microsoft Windows NT 4.0, Windows 2000, Windows XP, and Windows Small Business Server 2003 allow remote attackers to cause a denial of service (IP stack hang) via a continuous stream of packets on TCP port 135 that have incorrect TCP header checksums and random numbers in certain TCP header fields, as demonstrated by the Achilles Windows Attack Tool. NOTE: the researcher reports that the Microsoft Security Response Center has stated "Our investigation which has included code review, review of the TCPDump, and attempts on reproing the issue on multiple fresh installs of various Windows Operating Systems have all resulted in non confirmation.
CVSS信息
N/A
漏洞类别
N/A
漏洞标题
Windows Small Business Server TCP标头字段远程拒绝服务漏洞
漏洞描述信息
Microsoft Windows NT 4.0, Windows 2000, Windows XP和Windows Small Business Server 2003可以使远程攻击者借助某些TCP标头字段中有不正确的TCP标头校验和和随机数字的TCP 135端口上的连续数据包流,引起拒绝服务(IP堆栈挂起),比如Achilles Windows Attack Tool。注: 研究者报告称,Microsoft Security Response Center已表示"我方的调查包括了代码检查、TCPDum
CVSS信息
N/A
漏洞类别
其他