Microsoft Windows Vista LLTD Responder Discovery Packet Spoofing Vulnerability

Bugtraq ID:	23263
Class:	Race Condition Error
CVE:	CVE-2007-1529
Remote:	Yes
Local:	No
Published:	Apr 02 2007 12:00AM
Updated:	Jun 26 2007 04:08AM
Credit:	Ollie Whitehouse is credited with the discovery of this vulnerability.
Vulnerable:	Microsoft Windows Vista December CTP Microsoft Windows Vista Ultimate Microsoft Windows Vista Home Premium Microsoft Windows Vista Home Basic Microsoft Windows Vista Enterprise Microsoft Windows Vista Business Microsoft Windows Vista beta 2 Microsoft Windows Vista Beta 1 Microsoft Windows Vista Beta Microsoft Windows Vista 0
Not Vulnerable:

Microsoft Windows Vista LLTD Responder Discovery Packet Spoofing Vulnerability

Microsoft Windows Vista is prone to a vulnerability that permits an attacker to spoof arbitrary hosts through a network-based race condition.

An attacker can exploit this issue to impersonate another host on the network. This may lead to further attacks.

Microsoft Windows Vista LLTD Responder Discovery Packet Spoofing Vulnerability

Currently we are not aware of any exploits for this issue. If you feel we are in error or if you are aware of more recent information, please mail us at: mailto:[email protected].

Microsoft Windows Vista LLTD Responder Discovery Packet Spoofing Vulnerability

Solution:
Currently we are not aware of any vendor-supplied patches for this issue. If you feel we are in error or if you are aware of more recent information, please mail us at: mailto:[email protected].

Microsoft Windows Vista LLTD Responder Discovery Packet Spoofing Vulnerability

References:

• Microsoft Homepage (Microsoft)
  
• Windows Vista Network Attack Surface Analysis (Symantec)