Microsoft Windows CE Malformed RNDIS Packet Remote Denial of Service Vulnerability
BID:24391
Info
Microsoft Windows CE Malformed RNDIS Packet Remote Denial of Service Vulnerability
| Bugtraq ID: | 24391 |
| Class: | Design Error |
| CVE: | |
| Remote: | Yes |
| Local: | No |
| Published: | Jun 08 2007 12:00AM |
| Updated: | Jun 11 2007 04:10PM |
| Credit: | The vendor reported this issue. |
| Vulnerable: |
Microsoft Windows CE 5.0 |
| Not Vulnerable: | |
Discussion
Microsoft Windows CE Malformed RNDIS Packet Remote Denial of Service Vulnerability
Microsoft Windows CE is prone to a remote denial-of-service vulnerability because it fails to properly handle maliciously crafted network packets and file data.
Successful exploits will result in denial-of-service conditions on applications using the affected RNDIS device driver.
Microsoft Windows CE 5.0 is vulnerable to this issue.
Microsoft Windows CE is prone to a remote denial-of-service vulnerability because it fails to properly handle maliciously crafted network packets and file data.
Successful exploits will result in denial-of-service conditions on applications using the affected RNDIS device driver.
Microsoft Windows CE 5.0 is vulnerable to this issue.
Exploit / POC
Microsoft Windows CE Malformed RNDIS Packet Remote Denial of Service Vulnerability
Currently we are not aware of any exploits for this issue. If you feel we are in error or if you are aware of more recent information, please mail us at: mailto:[email protected].
Currently we are not aware of any exploits for this issue. If you feel we are in error or if you are aware of more recent information, please mail us at: mailto:[email protected].
Solution / Fix
Microsoft Windows CE Malformed RNDIS Packet Remote Denial of Service Vulnerability
Solution:
The vendor has released Windows CE 5.0 Platform Builder Monthly Update (March 2007) to address this issue; please see the reference section for details.
Microsoft Windows CE 5.0
Solution:
The vendor has released Windows CE 5.0 Platform Builder Monthly Update (March 2007) to address this issue; please see the reference section for details.
Microsoft Windows CE 5.0
-
Microsoft Windows CE 5.0 Platform Builder Monthly Update (April 2007)
http://www.microsoft.com/downloads/details.aspx?familyid=104c8111-2156 -4a50-b848-3d1d090931ab&displaylang=en#filelist
References
Microsoft Windows CE Malformed RNDIS Packet Remote Denial of Service Vulnerability
References:
References:
- Access Violations on Windows CE are not Security Issues (if you�??re Microsoft) (Symantec - Ollie Whitehouse)
- KB837392 - How to locate core operating system fixes for Microsoft Windows CE Pl (Microsoft)
- Microsoft Windows CE Homepage (Microsoft)
- Remote NDIS (RNDIS) and Windows (Microsoft)