Microsoft Windows NT 4.0, Windows 2000, Windows XP, and Windows Small Business Server 2003 allow remote malicious users to cause a denial of service (IP stack hang) via a continuous stream of packets on TCP port 135 that have incorrect TCP header checksums and random numbers in certain TCP header fields, as demonstrated by the Achilles Windows Attack Tool. NOTE: the researcher reports that the Microsoft Security Response Center has stated "Our investigation which has included code review, review of the TCPDump, and attempts on reproing the issue on multiple fresh installs of various Windows Operating Systems have all resulted in non confirmation.
| Vulnerable Product | Search on Vulmon | Subscribe to Product |
|---|---|---|
microsoft windows 2003 server datacenter_edition_64-bit |
||
microsoft windows 2003 server standard |
||
microsoft windows xp |
||
microsoft windows 2003 server web |
||
microsoft windows 2003 server enterprise_64-bit |
||
microsoft windows 2000 |
||
microsoft windows 2003 server standard_64-bit |
||
microsoft windows 2003 server enterprise_edition_64-bit |
||
microsoft windows 2003 server r2 |
||
microsoft windows 2003 server sp1 |
||
microsoft windows 2003 server enterprise_edition |
||
microsoft windows 2003 server datacenter_edition |
Vulmon