Microsoft Windows Vista Teredo UDP Nonce Spoofing Weakness
BID:23301
Info
Microsoft Windows Vista Teredo UDP Nonce Spoofing Weakness
| Bugtraq ID: | 23301 |
| Class: | Design Error |
| CVE: |
CVE-2007-1533 |
| Remote: | Yes |
| Local: | No |
| Published: | Apr 04 2007 12:00AM |
| Updated: | Apr 04 2007 09:22PM |
| Credit: | Ollie Whitehouse is credited with the discovery of this issue. |
| Vulnerable: |
Microsoft Windows Vista x64 Edition 0 Microsoft Windows Vista December CTP Microsoft Windows Vista Ultimate Microsoft Windows Vista Home Premium Microsoft Windows Vista Home Basic Microsoft Windows Vista Enterprise Microsoft Windows Vista Business Microsoft Windows Vista beta 2 Microsoft Windows Vista Beta 1 Microsoft Windows Vista Beta Microsoft Windows Vista 0 |
| Not Vulnerable: | |
Discussion
Microsoft Windows Vista Teredo UDP Nonce Spoofing Weakness
Windows Vistsa Teredo server is prone to a nonce-spoofing weakness due to its use of a nonce during the lifetime of certain connections.
This weakness can aid in attempts to spoof a Teredo server.
Windows Vistsa Teredo server is prone to a nonce-spoofing weakness due to its use of a nonce during the lifetime of certain connections.
This weakness can aid in attempts to spoof a Teredo server.
Exploit / POC
Microsoft Windows Vista Teredo UDP Nonce Spoofing Weakness
Attackers can exploit this weakness by sniffing Teredo server traffic for nonces or by brute-forcing a distinct nonce.
Attackers can exploit this weakness by sniffing Teredo server traffic for nonces or by brute-forcing a distinct nonce.
Solution / Fix
Microsoft Windows Vista Teredo UDP Nonce Spoofing Weakness
Solution:
Currently we are not aware of any vendor-supplied patches for this issue. If you feel we are in error or if you are aware of more recent information, please mail us at: mailto:[email protected].
Solution:
Currently we are not aware of any vendor-supplied patches for this issue. If you feel we are in error or if you are aware of more recent information, please mail us at: mailto:[email protected].
References
Microsoft Windows Vista Teredo UDP Nonce Spoofing Weakness
References:
References:
- Enterprise Networking with Windows Vista (Microsoft)
- New Networking Features in Windows Server Longhorn and Windows Vista (Microsoft)
- Teredo Overview (Microsoft)
- The Teredo Protocol: Tunneling Past Network Security and Other Security Implicat (Symantec)
- Using IPv6 and Teredo (Microsoft)
- Windows Vista Network Attack Surface Analysis (Symantec)
- Windows Vista Network Attack Surface Analysis: A Broad Overview (Symantec)