Microsoft Windows Vista Teredo Protocol Insecure Connection Weakness
BID:23267
Info
Microsoft Windows Vista Teredo Protocol Insecure Connection Weakness
| Bugtraq ID: | 23267 |
| Class: | Configuration Error |
| CVE: |
CVE-2007-1535 |
| Remote: | No |
| Local: | Yes |
| Published: | Apr 02 2007 12:00AM |
| Updated: | Apr 04 2007 07:52PM |
| Credit: | Ollie Whitehouse is credited with the discovery of this issue. |
| Vulnerable: |
Microsoft Windows Vista x64 Edition 0 Microsoft Windows Vista December CTP Microsoft Windows Vista Ultimate Microsoft Windows Vista Home Premium Microsoft Windows Vista Home Basic Microsoft Windows Vista Enterprise Microsoft Windows Vista Business Microsoft Windows Vista beta 2 Microsoft Windows Vista Beta 1 Microsoft Windows Vista Beta Microsoft Windows Vista 0 |
| Not Vulnerable: | |
Discussion
Microsoft Windows Vista Teredo Protocol Insecure Connection Weakness
Microsoft Windows Vista is prone to a weakness that may result in a false sense of security.
Teredo protocol can become activated without user interaction, which is contradictory to the documentation.
As a result, an affected computer can become vulnerable to attacks that leverage latent Teredo protocol vulnerabilities.
Microsoft Windows Vista is prone to a weakness that may result in a false sense of security.
Teredo protocol can become activated without user interaction, which is contradictory to the documentation.
As a result, an affected computer can become vulnerable to attacks that leverage latent Teredo protocol vulnerabilities.
Exploit / POC
Microsoft Windows Vista Teredo Protocol Insecure Connection Weakness
No network tools are required to activate Teredo.
No network tools are required to activate Teredo.
Solution / Fix
Microsoft Windows Vista Teredo Protocol Insecure Connection Weakness
Solution:
Currently we are not aware of any vendor-supplied patches for this issue. If you feel we are in error or if you are aware of more recent information, please mail us at: mailto:[email protected].
Solution:
Currently we are not aware of any vendor-supplied patches for this issue. If you feel we are in error or if you are aware of more recent information, please mail us at: mailto:[email protected].
References
Microsoft Windows Vista Teredo Protocol Insecure Connection Weakness
References:
References:
- Enterprise Networking with Windows Vista (Microsoft)
- New Networking Features in Windows Server Longhorn and Windows Vista (Microsoft)
- Microsoft Windows Homepage (Microsoft )
- Teredo Overview (Microsoft)
- The Teredo Protocol: Tunneling Past Network Security and Other Security Implicat (Symantec)
- Using IPv6 and Teredo (Microsoft)
- Windows Vista Network Attack Surface Analysis (Symantec)
- Windows Vista Network Attack Surface Analysis: A Broad Overview (Symantec)