Executive Summary
| Summary | |
|---|---|
| Title | Vulnerabilities in Windows TCP/IP Could Allow Remote Code Execution (974145) |
| Informations | |||
|---|---|---|---|
| Name | MS10-009 | First vendor Publication | 2010-02-09 |
| Vendor | Microsoft | Last vendor Modification | 2010-02-10 |
| Severity (Vendor) | Critical | Revision | 1.1 |
Security-Database Scoring CVSS v3
| Cvss vector : N/A | |||
|---|---|---|---|
| Overall CVSS Score | NA | ||
| Base Score | NA | Environmental Score | NA |
| impact SubScore | NA | Temporal Score | NA |
| Exploitabality Sub Score | NA | ||
| Calculate full CVSS 3.0 Vectors scores | |||
Security-Database Scoring CVSS v2
| Cvss vector : (AV:N/AC:L/Au:N/C:C/I:C/A:C) | |||
|---|---|---|---|
| Cvss Base Score | 10 | Attack Range | Network |
| Cvss Impact Score | 10 | Attack Complexity | Low |
| Cvss Expoit Score | 10 | Authentication | None Required |
| Calculate full CVSS 2.0 Vectors scores | |||
Detail
| Revision Note: V1.1 (February 10, 2010): Corrected the command-line information for the Disable the "Core Networking |
Original Source
| Url : http://www.microsoft.com/technet/security/bulletin/MS10-009.mspx |
CWE : Common Weakness Enumeration
| % | Id | Name |
|---|---|---|
| 75 % | CWE-94 | Failure to Control Generation of Code ('Code Injection') |
| 25 % | CWE-399 | Resource Management Errors |
OVAL Definitions
| Definition Id: oval:org.mitre.oval:def:8400 | |||
| Oval ID: | oval:org.mitre.oval:def:8400 | ||
| Title: | Header MDL Fragmentation Vulnerability | ||
| Description: | The TCP/IP implementation in Microsoft Windows Vista Gold, SP1, and SP2 and Server 2008 Gold and SP2, when a custom network driver is used, does not properly handle local fragmentation of Encapsulating Security Payload (ESP) over UDP packets, which allows remote attackers to execute arbitrary code via crafted packets, aka "Header MDL Fragmentation Vulnerability." | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2010-0240 | Version: | 1 |
| Platform(s): | Microsoft Windows Vista Microsoft Windows Server 2008 | Product(s): | |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:8449 | |||
| Oval ID: | oval:org.mitre.oval:def:8449 | ||
| Title: | TCP/IP Selective Acknowledgement Vulnerability | ||
| Description: | The TCP/IP implementation in Microsoft Windows Vista Gold, SP1, and SP2 and Server 2008 Gold and SP2 allows remote attackers to cause a denial of service (system hang) via crafted packets with malformed TCP selective acknowledgement (SACK) values, aka "TCP/IP Selective Acknowledgement Vulnerability." | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2010-0242 | Version: | 1 |
| Platform(s): | Microsoft Windows Vista Microsoft Windows Server 2008 | Product(s): | |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:8478 | |||
| Oval ID: | oval:org.mitre.oval:def:8478 | ||
| Title: | ICMPv6 Router Advertisement Vulnerability | ||
| Description: | The TCP/IP implementation in Microsoft Windows Vista Gold, SP1, and SP2 and Server 2008 Gold and SP2, when IPv6 is enabled, does not properly perform bounds checking on ICMPv6 Router Advertisement packets, which allows remote attackers to execute arbitrary code via crafted packets, aka "ICMPv6 Router Advertisement Vulnerability." | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2010-0239 | Version: | 1 |
| Platform(s): | Microsoft Windows Vista Microsoft Windows Server 2008 | Product(s): | |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:8516 | |||
| Oval ID: | oval:org.mitre.oval:def:8516 | ||
| Title: | ICMPv6 Route Information Vulnerability | ||
| Description: | The TCP/IP implementation in Microsoft Windows Vista Gold, SP1, and SP2 and Server 2008 Gold and SP2, when IPv6 is enabled, does not properly perform bounds checking on ICMPv6 Route Information packets, which allows remote attackers to execute arbitrary code via crafted packets, aka "ICMPv6 Route Information Vulnerability." | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2010-0241 | Version: | 1 |
| Platform(s): | Microsoft Windows Vista Microsoft Windows Server 2008 | Product(s): | |
| Definition Synopsis: | |||
| |||
CPE : Common Platform Enumeration
OpenVAS Exploits
| Date | Description |
|---|---|
| 2010-11-25 | Name : Microsoft Windows TCP/IP Could Allow Remote Code Execution (974145) File : nvt/gb_ms10-009.nasl |
Open Source Vulnerability Database (OSVDB)
| Id | Description |
|---|---|
| 62250 | Microsoft Windows TCP/IP Stack ICMPv6 Router Advertisement Packet Handling Re... |
| 62249 | Microsoft Windows TCP/IP Stack ESP Over UDP Header MDL Fragmentation Remote C... |
| 62248 | Microsoft Windows TCP/IP Stack ICMPv6 Route Information Packet Handling Remot... |
| 62247 | Microsoft Windows TCP/IP Selective Acknowledgment (SACK) Value Handling Remot... |
Information Assurance Vulnerability Management (IAVM)
| Date | Description |
|---|---|
| 2010-02-18 | IAVM : 2010-A-0030 - Multiple Vulnerabilities in Microsoft Windows TCP/IP Severity : Category I - VMSKEY : V0022684 |
Snort® IPS/IDS
| Date | Description |
|---|---|
| 2014-01-10 | Microsoft Windows Ipv6pHandleRouterAdvertisement Route Information stack buff... RuleID : 18249 - Revision : 6 - Type : PROTOCOL-ICMP |
| 2014-01-10 | Microsoft Windows TCP SACK invalid range denial of service attempt RuleID : 16408 - Revision : 14 - Type : OS-WINDOWS |
| 2014-01-10 | Microsoft Windows Ipv6pHandleRouterAdvertisement Prefix Information stack buf... RuleID : 16405 - Revision : 6 - Type : PROTOCOL-ICMP |
Nessus® Vulnerability Scanner
| Date | Description |
|---|---|
| 2010-02-09 | Name : The remote host has multiple vulnerabilities in its TCP/IP implementation. File : smb_nt_ms10-009.nasl - Type : ACT_GATHER_INFO |
Alert History
| Date | Informations |
|---|---|
| 2014-02-17 11:46:27 |
|
| 2014-01-19 21:30:26 |
|
| 2013-11-11 12:41:15 |
|
