ID

VAR-200503-0010


CVE

CVE-2005-0688


TITLE

Microsoft Windows vulnerable to DoS via LAND attack

Trust: 0.8

sources: CERT/CC: VU#396645

DESCRIPTION

Windows Server 2003 and XP SP2, with Windows Firewall turned off, allows remote attackers to cause a denial of service (CPU consumption) via a TCP packet with the SYN flag set and the same destination and source address and port, aka a reoccurrence of the "Land" vulnerability (CVE-1999-0016). Microsoft Windows does not adequately validate IP options, allowing an unauthenticated, remote attacker to execute arbitrary code or cause a denial of service. An attacker could take complete control of a vulnerable system. When a packet of this sort is received, an infinite loop is initiated and the affected system halts. This is known to affect Windows 95, Windows NT 4.0 up to SP3, Windows Server 2003, Windows XP SP2, Cisco IOS devices & Catalyst switches, and HP-UX up to 11.00. It is noted that on Windows Server 2003 and XP SP2, the TCP and IP checksums must be correct to trigger the issue. **Update: It is reported that Microsoft platforms are also prone to this vulnerability. The vendor reports that network routers may not route malformed TCP/IP packets used to exploit this issue. As a result, an attacker may have to discover a suitable route to a target computer, or reside on the target network segment itself before exploitation is possible. ---------------------------------------------------------------------- Want a new IT Security job? Vacant positions at Secunia: http://secunia.com/secunia_vacancies/ ---------------------------------------------------------------------- TITLE: Microsoft Exchange SMTP Service Extended Verb Request Buffer Overflow SECUNIA ADVISORY ID: SA14920 VERIFY ADVISORY: http://secunia.com/advisories/14920/ CRITICAL: Highly critical IMPACT: System access WHERE: >From remote SOFTWARE: Microsoft Exchange Server 2000 http://secunia.com/product/41/ Microsoft Exchange Server 2003 http://secunia.com/product/1828/ DESCRIPTION: ISS X-Force has reported a vulnerability in Microsoft Exchange Server, which can be exploited by malicious people to compromise a vulnerable system. The vulnerability is caused due to a boundary error in the SMTP service within the handling of a certain extended verb request. This can be exploited to cause a heap-based buffer overflow by connecting to the SMTP service and issuing a specially crafted command. Successful exploitation allows execution of arbitrary code with the privileges of the SMTP service (by default "Local System"). Instead, this requires permissions usually only granted to other Exchange servers in a domain. SOLUTION: Apply patches. Microsoft Exchange 2000 Server (requires SP3): http://www.microsoft.com/downloads/details.aspx?FamilyId=2A2AF17E-2E4A-4479-8AC9-B5544EA0BD66 Microsoft Exchange Server 2003: http://www.microsoft.com/downloads/details.aspx?FamilyId=97F409EB-C8D0-4C94-A67B-5945E26C9267 Microsoft Exchange Server 2003 (requires SP1): http://www.microsoft.com/downloads/details.aspx?FamilyId=35BCE74A-E84A-4035-BF18-196368F032CC The following versions are not affected: * Microsoft Exchange Server 5.5 SP4 * Microsoft Exchange Server 5.0 SP2 PROVIDED AND/OR DISCOVERED BY: Mark Dowd and Ben Layer, ISS X-Force. ORIGINAL ADVISORY: MS05-021 (KB894549): http://www.microsoft.com/technet/security/Bulletin/MS05-021.mspx ISS X-Force: http://xforce.iss.net/xforce/alerts/id/193 ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ----------------------------------------------------------------------

Trust: 4.41

sources: NVD: CVE-2005-0688 // CERT/CC: VU#396645 // CERT/CC: VU#233754 // CERT/CC: VU#275193 // JVNDB: JVNDB-2005-000167 // BID: 13658 // BID: 2666 // PACKETSTORM: 37141

AFFECTED PRODUCTS

vendor:microsoftmodel: - scope: - version: -

Trust: 2.4

vendor:microsoftmodel:windows 2003 serverscope:eqversion:r2

Trust: 1.6

vendor:microsoftmodel:windows xpscope:eqversion:*

Trust: 1.0

vendor:microsoftmodel:windows server 2003scope:eqversion:none

Trust: 0.8

vendor:microsoftmodel:windows server 2003scope:eqversion:(itanium)

Trust: 0.8

vendor:microsoftmodel:windows server 2003scope:eqversion:(x64)

Trust: 0.8

vendor:microsoftmodel:windows xpscope:eqversion:(x64)

Trust: 0.8

vendor:microsoftmodel:windows xpscope:eqversion:sp3

Trust: 0.8

vendor:microsoftmodel:windows xp home sp1scope: - version: -

Trust: 0.6

vendor:bsdimodel:bsd/osscope:eqversion:2.1

Trust: 0.6

vendor:hpmodel:hp-uxscope:eqversion:10.01

Trust: 0.6

vendor:microsoftmodel:windows nt workstation sp3scope:eqversion:4.0

Trust: 0.6

vendor:netbsdmodel:netbsdscope:neversion:1.3.1

Trust: 0.6

vendor:linuxmodel:kernelscope:eqversion:2.0.31

Trust: 0.6

vendor:freebsdmodel:freebsdscope:eqversion:2.2.5

Trust: 0.6

vendor:ciscomodel:ios aascope:neversion:11.1.15

Trust: 0.6

vendor:ciscomodel:iosscope:eqversion:11.0

Trust: 0.6

vendor:hpmodel:hp-uxscope:eqversion:10.10

Trust: 0.6

vendor:freebsdmodel:freebsdscope:neversion:2.2.6

Trust: 0.6

vendor:netbsdmodel:netbsdscope:eqversion:1.0

Trust: 0.6

vendor:microsoftmodel:windows xp professionalscope: - version: -

Trust: 0.6

vendor:microsoftmodel:windows nt enterprise server sp4scope:neversion:4.0

Trust: 0.6

vendor:bsdimodel:bsd/osscope:neversion:3.0

Trust: 0.6

vendor:microsoftmodel:windows server enterprise edition sp1 betascope:eqversion:20031

Trust: 0.6

vendor:linuxmodel:kernelscope:neversion:2.0.34

Trust: 0.6

vendor:microsoftmodel:windows nt workstation sp2scope:eqversion:4.0

Trust: 0.6

vendor:ciscomodel:ios fscope:neversion:11.2.4

Trust: 0.6

vendor:ciscomodel:ios btscope:neversion:11.0.12

Trust: 0.6

vendor:microsoftmodel:windows nt workstation sp4scope:neversion:4.0

Trust: 0.6

vendor:microsoftmodel:windows server enterprise edition itaniumscope:eqversion:20030

Trust: 0.6

vendor:microsoftmodel:windows xp tablet pc edition sp1scope: - version: -

Trust: 0.6

vendor:ciscomodel:ios iascope:neversion:11.1.15

Trust: 0.6

vendor:netbsdmodel:netbsdscope:neversion:1.3

Trust: 0.6

vendor:microsoftmodel:windows xp tablet pc editionscope: - version: -

Trust: 0.6

vendor:bsdimodel:bsd/osscope:neversion:3.1

Trust: 0.6

vendor:microsoftmodel:windows server enterprise edition sp1scope:eqversion:2003

Trust: 0.6

vendor:linuxmodel:kernelscope:neversion:2.1.x

Trust: 0.6

vendor:linuxmodel:kernelscope:neversion:2.2

Trust: 0.6

vendor:linuxmodel:kernelscope:neversion:2.1

Trust: 0.6

vendor:microsoftmodel:windows xp 64-bit editionscope: - version: -

Trust: 0.6

vendor:ciscomodel:iosscope:neversion:10.3.16

Trust: 0.6

vendor:microsoftmodel:windows server enterprise edition itanium sp1scope:eqversion:2003

Trust: 0.6

vendor:linuxmodel:kernelscope:neversion:2.0.38

Trust: 0.6

vendor:microsoftmodel:windows server standard edition sp1 betascope:eqversion:20031

Trust: 0.6

vendor:novellmodel:netwarescope:eqversion:4.1

Trust: 0.6

vendor:microsoftmodel:windows server standard edition sp1scope:eqversion:2003

Trust: 0.6

vendor:bsdimodel:bsd/osscope:eqversion:2.0

Trust: 0.6

vendor:microsoftmodel:windows xp media center editionscope: - version: -

Trust: 0.6

vendor:linuxmodel:kernelscope:neversion:2.0.36

Trust: 0.6

vendor:microsoftmodel:windows xp media center edition sp2scope: - version: -

Trust: 0.6

vendor:microsoftmodel:windows nt workstationscope:eqversion:4.0

Trust: 0.6

vendor:ciscomodel:iosscope:eqversion:10.3

Trust: 0.6

vendor:ciscomodel:ios btscope:neversion:11.0.17

Trust: 0.6

vendor:microsoftmodel:windows server datacenter edition itaniumscope:eqversion:20030

Trust: 0.6

vendor:freebsdmodel:freebsdscope:neversion:3.x

Trust: 0.6

vendor:microsoftmodel:windows nt enterprise server sp1scope:eqversion:4.0

Trust: 0.6

vendor:microsoftmodel:windows server datacenter edition sp1 betascope:eqversion:20031

Trust: 0.6

vendor:microsoftmodel:windows nt enterprise server sp3scope:eqversion:4.0

Trust: 0.6

vendor:ciscomodel:iosscope:neversion:11.2.10

Trust: 0.6

vendor:microsoftmodel:windows nt terminal server sp1scope:eqversion:4.0

Trust: 0.6

vendor:freebsdmodel:freebsdscope:eqversion:2.1.5

Trust: 0.6

vendor:ciscomodel:iosscope:neversion:11.1.7

Trust: 0.6

vendor:bsdimodel:bsd/osscope:eqversion:2.0.1

Trust: 0.6

vendor:microsoftmodel:windows server web edition sp1scope:eqversion:2003

Trust: 0.6

vendor:microsoftmodel:windows nt enterprise server sp2scope:eqversion:4.0

Trust: 0.6

vendor:microsoftmodel:windows xp tablet pc edition sp2scope: - version: -

Trust: 0.6

vendor:microsoftmodel:windows server enterprise edition itanium sp1 betascope:eqversion:20031

Trust: 0.6

vendor:ciscomodel:iosscope:eqversion:11.2

Trust: 0.6

vendor:freebsdmodel:freebsdscope:eqversion:2.2.3

Trust: 0.6

vendor:bsdimodel:bsd/osscope:eqversion:1.1

Trust: 0.6

vendor:linuxmodel:kernelscope:neversion:2.0.33

Trust: 0.6

vendor:microsoftmodel:windows nt terminal server sp3scope:eqversion:4.0

Trust: 0.6

vendor:scomodel:open desktopscope:eqversion:3.0

Trust: 0.6

vendor:freebsdmodel:freebsdscope:eqversion:2.1.6.1

Trust: 0.6

vendor:ciscomodel:ios iascope:neversion:11.1.9

Trust: 0.6

vendor:hpmodel:hp-uxscope:eqversion:10.16

Trust: 0.6

vendor:netbsdmodel:netbsdscope:neversion:1.3.2

Trust: 0.6

vendor:ciscomodel:ios aascope:neversion:11.1.7

Trust: 0.6

vendor:ciscomodel:iosscope:neversion:11.0.17

Trust: 0.6

vendor:microsoftmodel:windows server datacenter edition itanium sp1 betascope:eqversion:20031

Trust: 0.6

vendor:microsoftmodel:windows nt enterprise serverscope:eqversion:4.0

Trust: 0.6

vendor:microsoftmodel:windows server datacenter editionscope:eqversion:2003

Trust: 0.6

vendor:microsoftmodel:windows nt terminal serverscope:eqversion:4.0

Trust: 0.6

vendor:hpmodel:hp-uxscope:eqversion:9.0

Trust: 0.6

vendor:scomodel:unixwarescope:eqversion:2.1

Trust: 0.6

vendor:microsoftmodel:windows xp professional sp1scope: - version: -

Trust: 0.6

vendor:freebsdmodel:freebsdscope:neversion:2.2.2

Trust: 0.6

vendor:microsoftmodel:windows server standard editionscope:eqversion:2003

Trust: 0.6

vendor:ciscomodel:iosscope:neversion:11.2.4

Trust: 0.6

vendor:ciscomodel:ios ascope:neversion:10.3.19

Trust: 0.6

vendor:netbsdmodel:netbsdscope:eqversion:1.1

Trust: 0.6

vendor:ciscomodel:ios f1scope:neversion:11.2.4

Trust: 0.6

vendor:linuxmodel:kernelscope:neversion:2.0.35

Trust: 0.6

vendor:hpmodel:hp-uxscope:eqversion:11.0

Trust: 0.6

vendor:microsoftmodel:windows xp homescope: - version: -

Trust: 0.6

vendor:scomodel:cmw+scope:eqversion:3.0

Trust: 0.6

vendor:freebsdmodel:freebsdscope:eqversion:2.2

Trust: 0.6

vendor:bsdimodel:bsd/osscope:neversion:4.0

Trust: 0.6

vendor:microsoftmodel:windows server web editionscope:eqversion:2003

Trust: 0.6

vendor:freebsdmodel:freebsdscope:eqversion:2.1

Trust: 0.6

vendor:ciscomodel:ios cascope:neversion:11.1.15

Trust: 0.6

vendor:microsoftmodel:windows xp media center edition sp1scope: - version: -

Trust: 0.6

vendor:ciscomodel:ios/700scope:eqversion:1.0

Trust: 0.6

vendor:linuxmodel:kernelscope:eqversion:2.0.30

Trust: 0.6

vendor:sunmodel:sunosscope:eqversion:4.1.4

Trust: 0.6

vendor:ciscomodel:iosscope:eqversion:11.1

Trust: 0.6

vendor:microsoftmodel:windows nt server sp3scope:eqversion:4.0

Trust: 0.6

vendor:microsoftmodel:windowsscope:eqversion:95

Trust: 0.6

vendor:linuxmodel:kernelscope:neversion:2.2.10

Trust: 0.6

vendor:ciscomodel:catalyst supervisor softwarescope:neversion:29xx2.4.401

Trust: 0.6

vendor:linuxmodel:kernelscope:neversion:2.0.37

Trust: 0.6

vendor:sunmodel:sunos u1scope:eqversion:4.1.3

Trust: 0.6

vendor:microsoftmodel:windows ntscope:eqversion:3.5.1

Trust: 0.6

vendor:hpmodel:hp-uxscope:eqversion:10.24

Trust: 0.6

vendor:hpmodel:hp-uxscope:eqversion:10.0

Trust: 0.6

vendor:marconimodel:atm switchscope:eqversion:6.1.1

Trust: 0.6

vendor:linuxmodel:kernelscope:neversion:2.0.32

Trust: 0.6

vendor:microsoftmodel:windows nt server sp1scope:eqversion:4.0

Trust: 0.6

vendor:microsoftmodel:windows nt terminal server sp4scope:neversion:4.0

Trust: 0.6

vendor:microsoftmodel:windows xp professional sp2scope: - version: -

Trust: 0.6

vendor:microsoftmodel:windows xp home sp2scope: - version: -

Trust: 0.6

vendor:ciscomodel:catalyst supervisor softwarescope:neversion:29xx2.1.1102

Trust: 0.6

vendor:netbsdmodel:netbsdscope:eqversion:1.2.1

Trust: 0.6

vendor:microsoftmodel:windows xp 64-bit edition sp1scope: - version: -

Trust: 0.6

vendor:scomodel:open serverscope:eqversion:5.0

Trust: 0.6

vendor:microsoftmodel:windows xp 64-bit edition version sp1scope:eqversion:2003

Trust: 0.6

vendor:freebsdmodel:freebsdscope:neversion:2.2.8

Trust: 0.6

vendor:microsoftmodel:windows nt workstation sp1scope:eqversion:4.0

Trust: 0.6

vendor:microsoftmodel:windows nt server sp2scope:eqversion:4.0

Trust: 0.6

vendor:ciscomodel:ios pscope:neversion:11.2.9

Trust: 0.6

vendor:marconimodel:atm switchscope:eqversion:7.0.1

Trust: 0.6

vendor:microsoftmodel:windows server datacenter edition sp1scope:eqversion:2003

Trust: 0.6

vendor:freebsdmodel:freebsdscope:eqversion:2.2.4

Trust: 0.6

vendor:microsoftmodel:windows nt server sp4scope:neversion:4.0

Trust: 0.6

vendor:microsoftmodel:windows nt serverscope:eqversion:4.0

Trust: 0.6

vendor:ciscomodel:iosscope:neversion:11.1.15

Trust: 0.6

vendor:microsoftmodel:windows server enterprise editionscope:eqversion:2003

Trust: 0.6

vendor:freebsdmodel:freebsdscope:eqversion:2.1.6

Trust: 0.6

vendor:hpmodel:hp-uxscope:eqversion:10.20

Trust: 0.6

vendor:bsdimodel:bsd/osscope:neversion:4.0.1

Trust: 0.6

vendor:microsoftmodel:windows xp 64-bit edition versionscope:eqversion:2003

Trust: 0.6

vendor:ciscomodel:ios cascope:neversion:11.1.7

Trust: 0.6

vendor:microsoftmodel:windows server datacenter edition itanium sp1scope:eqversion:2003

Trust: 0.6

vendor:netbsdmodel:netbsdscope:eqversion:1.2

Trust: 0.6

vendor:microsoftmodel:windows nt terminal server sp2scope:eqversion:4.0

Trust: 0.6

vendor:freebsdmodel:freebsdscope:eqversion:2.1x

Trust: 0.6

vendor:microsoftmodel:windows server web edition sp1 betascope:eqversion:20031

Trust: 0.6

vendor:hpmodel:hp-uxscope:eqversion:10.30

Trust: 0.6

vendor:microsoftmodel:windows xpscope:eqversion:sp2

Trust: 0.6

vendor:microsoftmodel:windows server standard editionscope:eqversion:2003x64

Trust: 0.3

vendor:avayamodel:modular messagingscope:eqversion:3.0

Trust: 0.3

vendor:microsoftmodel:windows xp professional editionscope:eqversion:x64

Trust: 0.3

vendor:microsoftmodel:windows xpscope:eqversion:0

Trust: 0.3

vendor:microsoftmodel:windows xp embedded sp1scope: - version: -

Trust: 0.3

vendor:microsoftmodel:windows xp embeddedscope: - version: -

Trust: 0.3

vendor:microsoftmodel:windows server enterprise editionscope:eqversion:2003x64

Trust: 0.3

vendor:microsoftmodel:windows xp goldscope:eqversion:0

Trust: 0.3

vendor:microsoftmodel:windows server datacenter editionscope:eqversion:2003x64

Trust: 0.3

vendor:microsoftmodel:windows nt sp5scope:neversion:4.0

Trust: 0.3

vendor:microsoftmodel:windows nt sp1scope:eqversion:4.0

Trust: 0.3

vendor:microsoftmodel:windows ntscope:eqversion:4.0

Trust: 0.3

vendor:microsoftmodel:windows nt sp3scope:eqversion:4.0

Trust: 0.3

vendor:microsoftmodel:windows nt sp2scope:eqversion:4.0

Trust: 0.3

vendor:microsoftmodel:windows nt sp3 alphascope:eqversion:4.0

Trust: 0.3

vendor:microsoftmodel:windows nt sp4scope:neversion:4.0

Trust: 0.3

vendor:microsoftmodel:windows nt sp6scope:neversion:4.0

Trust: 0.3

sources: CERT/CC: VU#396645 // CERT/CC: VU#233754 // CERT/CC: VU#275193 // BID: 13658 // BID: 2666 // JVNDB: JVNDB-2005-000167 // CNNVD: CNNVD-200503-048 // NVD: CVE-2005-0688

CVSS

SEVERITY

CVSSV2

CVSSV3

NVD: CVE-2005-0688
value: MEDIUM

Trust: 1.8

CARNEGIE MELLON: VU#396645
value: 12.15

Trust: 0.8

CARNEGIE MELLON: VU#233754
value: 12.29

Trust: 0.8

CARNEGIE MELLON: VU#275193
value: 36.15

Trust: 0.8

CNNVD: CNNVD-200503-048
value: MEDIUM

Trust: 0.6

NVD: CVE-2005-0688
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:N/I:N/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: FALSE
obtainUserPrivilege: FALSE
obtainOtherPrivilege: FALSE
userInteractionRequired: FALSE
version: 2.0

Trust: 1.8

sources: CERT/CC: VU#396645 // CERT/CC: VU#233754 // CERT/CC: VU#275193 // JVNDB: JVNDB-2005-000167 // CNNVD: CNNVD-200503-048 // NVD: CVE-2005-0688

PROBLEMTYPE DATA

problemtype:NVD-CWE-Other

Trust: 1.0

sources: NVD: CVE-2005-0688

THREAT TYPE

network

Trust: 0.6

sources: BID: 13658 // BID: 2666

TYPE

Failure to Handle Exceptional Conditions

Trust: 0.6

sources: BID: 13658 // BID: 2666

CONFIGURATIONS

sources: NVD: CVE-2005-0688

PATCH

title:MS06-064url:http://www.microsoft.com/technet/security/bulletin/ms06-064.mspx

Trust: 0.8

title:MS05-019url:http://www.microsoft.com/technet/security/bulletin/ms05-019.mspx

Trust: 0.8

title:MS05-019url:http://www.microsoft.com/japan/technet/security/bulletin/ms05-019.mspx

Trust: 0.8

title:MS06-064url:http://www.microsoft.com/japan/technet/security/bulletin/ms06-064.mspx

Trust: 0.8

sources: JVNDB: JVNDB-2005-000167

EXTERNAL IDS

db:NVDid:CVE-2005-0688

Trust: 3.0

db:SECUNIAid:14512

Trust: 2.4

db:USCERTid:TA05-102A

Trust: 1.6

db:SECUNIAid:22341

Trust: 1.6

db:VUPENid:ADV-2006-3983

Trust: 1.6

db:BIDid:2666

Trust: 1.1

db:SECUNIAid:14920

Trust: 0.9

db:OSVDBid:14578

Trust: 0.8

db:XFid:19593

Trust: 0.8

db:CERT/CCid:VU#396645

Trust: 0.8

db:BIDid:13116

Trust: 0.8

db:SECTRACKid:1013686

Trust: 0.8

db:CERT/CCid:VU#233754

Trust: 0.8

db:OSVDBid:15467

Trust: 0.8

db:CERT/CCid:VU#275193

Trust: 0.8

db:JVNDBid:JVNDB-2005-000167

Trust: 0.8

db:OVALid:OVAL:ORG.MITRE.OVAL:DEF:4978

Trust: 0.6

db:OVALid:OVAL:ORG.MITRE.OVAL:DEF:1288

Trust: 0.6

db:OVALid:OVAL:ORG.MITRE.OVAL:DEF:482

Trust: 0.6

db:OVALid:OVAL:ORG.MITRE.OVAL:DEF:1685

Trust: 0.6

db:MSid:MS06-064

Trust: 0.6

db:MSid:MS05-019

Trust: 0.6

db:HPid:SSRT061264

Trust: 0.6

db:BUGTRAQid:20050305 WINDOWS SERVER 2003 AND XP SP2 LAND ATTACK VULNERABILITY

Trust: 0.6

db:CNNVDid:CNNVD-200503-048

Trust: 0.6

db:BIDid:13658

Trust: 0.3

db:PACKETSTORMid:37141

Trust: 0.1

sources: CERT/CC: VU#396645 // CERT/CC: VU#233754 // CERT/CC: VU#275193 // BID: 13658 // BID: 2666 // JVNDB: JVNDB-2005-000167 // PACKETSTORM: 37141 // CNNVD: CNNVD-200503-048 // NVD: CVE-2005-0688

REFERENCES

url:http://www.microsoft.com/technet/security/bulletin/ms05-019.mspx

Trust: 2.8

url:http://secunia.com/advisories/14512/

Trust: 1.6

url:http://www.us-cert.gov/cas/techalerts/ta05-102a.html

Trust: 1.6

url:http://secunia.com/advisories/22341

Trust: 1.6

url:http://www.vupen.com/english/advisories/2006/3983

Trust: 1.0

url:http://marc.info/?l=bugtraq&m=111005099504081&w=2

Trust: 1.0

url:https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a4978

Trust: 1.0

url:https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a482

Trust: 1.0

url:https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a1685

Trust: 1.0

url:https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a1288

Trust: 1.0

url:https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-064

Trust: 1.0

url:https://docs.microsoft.com/en-us/security-updates/securitybulletins/2005/ms05-019

Trust: 1.0

url:http://www.securityfocus.com/archive/1/449179/100/0/threaded

Trust: 1.0

url:http://xforce.iss.net/xforce/alerts/id/193

Trust: 0.9

url:http://www.microsoft.com/technet/security/bulletin/ms05-021.mspx

Trust: 0.9

url:http://secunia.com/advisories/14920/

Trust: 0.9

url:http://www.microsoft.com/technet/security/bulletin/ms06-064.mspx

Trust: 0.9

url:http://secunia.com/advisories/14512

Trust: 0.8

url:http://www.securityfocus.com/bid/2666

Trust: 0.8

url:http://xforce.iss.net/xforce/xfdb/19593

Trust: 0.8

url:http://osvdb.org/displayvuln.php?osvdb_id=14578

Trust: 0.8

url:http://xforce.iss.net/xforce/alerts/id/192

Trust: 0.8

url:http://www.iana.org/assignments/ip-parameters

Trust: 0.8

url:http://www.securityfocus.com/bid/13116/

Trust: 0.8

url:http://securitytracker.com/alerts/2005/apr/1013686.html

Trust: 0.8

url:http://www.osvdb.org/displayvuln.php?osvdb_id=15467

Trust: 0.8

url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2005-0688

Trust: 0.8

url:http://www.ipa.go.jp/security/ciadr/vul/20050413-ms05-019.html

Trust: 0.8

url:http://www.jpcert.or.jp/wr/2005/wr051601.txt

Trust: 0.8

url:http://jvn.jp/cert/jvnta05-102a/

Trust: 0.8

url:http://jvn.jp/tr/trta05-102a/

Trust: 0.8

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2005-0688

Trust: 0.8

url:http://www.securiteam.com/windowsntfocus/5pp0720f5u.html

Trust: 0.8

url:http://support.microsoft.com/support/kb/articles/q165/0/05.asp

Trust: 0.6

url:http://support.microsoft.com/support/kb/articles/q177/5/39.asp

Trust: 0.6

url:http://support.novell.com/cgi-bin/search/tidfinder.cgi?2932511

Trust: 0.6

url:http://www.cisco.com/warp/public/770/land-pub.shtml#iosvers

Trust: 0.6

url:http://www.securityfocus.com/archive/1/392354

Trust: 0.6

url:/archive/1/392642

Trust: 0.6

url:/archive/1/393045

Trust: 0.6

url:/archive/1/392354

Trust: 0.6

url:http://marc.theaimsgroup.com/?l=bugtraq&m=111005099504081&w=2

Trust: 0.6

url:http://www.securityfocus.com/archive/1/archive/1/449179/100/0/threaded

Trust: 0.6

url:http://www.frsirt.com/english/advisories/2006/3983

Trust: 0.6

url:http://oval.mitre.org/repository/data/getdef?id=oval:org.mitre.oval:def:4978

Trust: 0.6

url:http://oval.mitre.org/repository/data/getdef?id=oval:org.mitre.oval:def:482

Trust: 0.6

url:http://oval.mitre.org/repository/data/getdef?id=oval:org.mitre.oval:def:1685

Trust: 0.6

url:http://oval.mitre.org/repository/data/getdef?id=oval:org.mitre.oval:def:1288

Trust: 0.6

url:http://support.avaya.com/elmodocs2/security/asa-2006-217.htm

Trust: 0.3

url:/archive/1/400188

Trust: 0.3

url:http://secunia.com/secunia_security_advisories/

Trust: 0.1

url:http://www.microsoft.com/downloads/details.aspx?familyid=35bce74a-e84a-4035-bf18-196368f032cc

Trust: 0.1

url:http://secunia.com/about_secunia_advisories/

Trust: 0.1

url:http://www.microsoft.com/downloads/details.aspx?familyid=2a2af17e-2e4a-4479-8ac9-b5544ea0bd66

Trust: 0.1

url:http://secunia.com/secunia_vacancies/

Trust: 0.1

url:http://secunia.com/product/41/

Trust: 0.1

url:http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org

Trust: 0.1

url:http://www.microsoft.com/downloads/details.aspx?familyid=97f409eb-c8d0-4c94-a67b-5945e26c9267

Trust: 0.1

url:http://secunia.com/product/1828/

Trust: 0.1

sources: CERT/CC: VU#396645 // CERT/CC: VU#233754 // CERT/CC: VU#275193 // BID: 13658 // BID: 2666 // JVNDB: JVNDB-2005-000167 // PACKETSTORM: 37141 // CNNVD: CNNVD-200503-048 // NVD: CVE-2005-0688

CREDITS

Dejan Levaja dejan@levaja.com

Trust: 0.6

sources: CNNVD: CNNVD-200503-048

SOURCES

db:CERT/CCid:VU#396645
db:CERT/CCid:VU#233754
db:CERT/CCid:VU#275193
db:BIDid:13658
db:BIDid:2666
db:JVNDBid:JVNDB-2005-000167
db:PACKETSTORMid:37141
db:CNNVDid:CNNVD-200503-048
db:NVDid:CVE-2005-0688

LAST UPDATE DATE

2022-12-06T19:52:35.360000+00:00


SOURCES UPDATE DATE

db:CERT/CCid:VU#396645date:2005-04-13T00:00:00
db:CERT/CCid:VU#233754date:2005-05-03T00:00:00
db:CERT/CCid:VU#275193date:2005-08-02T00:00:00
db:BIDid:13658date:2016-07-06T14:40:00
db:BIDid:2666date:2009-07-11T06:06:00
db:JVNDBid:JVNDB-2005-000167date:2007-04-01T00:00:00
db:CNNVDid:CNNVD-200503-048date:2005-10-20T00:00:00
db:NVDid:CVE-2005-0688date:2018-10-19T15:31:00

SOURCES RELEASE DATE

db:CERT/CCid:VU#396645date:2005-04-13T00:00:00
db:CERT/CCid:VU#233754date:2005-04-12T00:00:00
db:CERT/CCid:VU#275193date:2005-04-12T00:00:00
db:BIDid:13658date:2005-05-17T00:00:00
db:BIDid:2666date:1997-11-20T00:00:00
db:JVNDBid:JVNDB-2005-000167date:2007-04-01T00:00:00
db:PACKETSTORMid:37141date:2005-04-18T07:20:47
db:CNNVDid:CNNVD-200503-048date:1997-11-13T00:00:00
db:NVDid:CVE-2005-0688date:2005-03-05T05:00:00