ID

VAR-200505-0723


CVE

CVE-2005-1649


TITLE

Microsoft Windows Illegal in IPv6 Service disruption due to packets (Dos) Vulnerabilities

Trust: 0.8

sources: JVNDB: JVNDB-2005-000332

DESCRIPTION

The IPv6 support in Windows XP SP2, 2003 Server SP1, and Longhorn, with Windows Firewall turned off, allows remote attackers to cause a denial of service (CPU consumption) via a TCP packet with the SYN flag set and the same destination and source address and port, a variant of CVE-2005-0688 and a reoccurrence of the "Land" vulnerability (CVE-1999-0016). When a packet of this type is handled, an infinite loop is initiated and the affected system halts. A remote attacker may exploit this issue to deny service for legitimate users

Trust: 1.89

sources: NVD: CVE-2005-1649 // JVNDB: JVNDB-2005-000332 // BID: 13658

AFFECTED PRODUCTS

vendor:microsoftmodel:windows 2003 serverscope:eqversion:datacenter_64-bit

Trust: 1.6

vendor:microsoftmodel:windows 2003 serverscope:eqversion:enterprise_64-bit

Trust: 1.6

vendor:microsoftmodel:windows 2003 serverscope:eqversion:enterprise

Trust: 1.6

vendor:microsoftmodel:windows 2003 serverscope:eqversion:standard

Trust: 1.6

vendor:microsoftmodel:windows 2003 serverscope:eqversion:r2

Trust: 1.6

vendor:microsoftmodel:windows 2003 serverscope:eqversion:web

Trust: 1.0

vendor:microsoftmodel:windows xpscope:eqversion:*

Trust: 1.0

vendor:microsoftmodel:windows server 2003scope: - version: -

Trust: 0.8

vendor:microsoftmodel:windows xpscope:eqversion:sp3

Trust: 0.8

vendor:microsoftmodel:windows xp home sp1scope: - version: -

Trust: 0.3

vendor:bsdimodel:bsd/osscope:eqversion:2.1

Trust: 0.3

vendor:hpmodel:hp-uxscope:eqversion:10.01

Trust: 0.3

vendor:microsoftmodel:windows nt workstation sp3scope:eqversion:4.0

Trust: 0.3

vendor:microsoftmodel:windows server standard editionscope:eqversion:2003x64

Trust: 0.3

vendor:netbsdmodel:netbsdscope:neversion:1.3.1

Trust: 0.3

vendor:linuxmodel:kernelscope:eqversion:2.0.31

Trust: 0.3

vendor:freebsdmodel:freebsdscope:eqversion:2.2.5

Trust: 0.3

vendor:ciscomodel:ios aascope:neversion:11.1.15

Trust: 0.3

vendor:ciscomodel:iosscope:eqversion:11.0

Trust: 0.3

vendor:hpmodel:hp-uxscope:eqversion:10.10

Trust: 0.3

vendor:freebsdmodel:freebsdscope:neversion:2.2.6

Trust: 0.3

vendor:netbsdmodel:netbsdscope:eqversion:1.0

Trust: 0.3

vendor:microsoftmodel:windows xp professionalscope: - version: -

Trust: 0.3

vendor:microsoftmodel:windows nt enterprise server sp4scope:neversion:4.0

Trust: 0.3

vendor:bsdimodel:bsd/osscope:neversion:3.0

Trust: 0.3

vendor:microsoftmodel:windows server enterprise edition sp1 betascope:eqversion:20031

Trust: 0.3

vendor:linuxmodel:kernelscope:neversion:2.0.34

Trust: 0.3

vendor:microsoftmodel:windows nt workstation sp2scope:eqversion:4.0

Trust: 0.3

vendor:ciscomodel:ios fscope:neversion:11.2.4

Trust: 0.3

vendor:ciscomodel:ios btscope:neversion:11.0.12

Trust: 0.3

vendor:microsoftmodel:windows nt workstation sp4scope:neversion:4.0

Trust: 0.3

vendor:microsoftmodel:windows server enterprise edition itaniumscope:eqversion:20030

Trust: 0.3

vendor:avayamodel:modular messagingscope:eqversion:3.0

Trust: 0.3

vendor:microsoftmodel:windows xp tablet pc edition sp1scope: - version: -

Trust: 0.3

vendor:ciscomodel:ios iascope:neversion:11.1.15

Trust: 0.3

vendor:netbsdmodel:netbsdscope:neversion:1.3

Trust: 0.3

vendor:microsoftmodel:windows xp professional editionscope:eqversion:x64

Trust: 0.3

vendor:microsoftmodel:windows xp tablet pc editionscope: - version: -

Trust: 0.3

vendor:bsdimodel:bsd/osscope:neversion:3.1

Trust: 0.3

vendor:microsoftmodel:windows server enterprise edition sp1scope:eqversion:2003

Trust: 0.3

vendor:linuxmodel:kernelscope:neversion:2.1.x

Trust: 0.3

vendor:linuxmodel:kernelscope:neversion:2.2

Trust: 0.3

vendor:linuxmodel:kernelscope:neversion:2.1

Trust: 0.3

vendor:microsoftmodel:windows xp 64-bit editionscope: - version: -

Trust: 0.3

vendor:ciscomodel:iosscope:neversion:10.3.16

Trust: 0.3

vendor:microsoftmodel:windows server enterprise edition itanium sp1scope:eqversion:2003

Trust: 0.3

vendor:linuxmodel:kernelscope:neversion:2.0.38

Trust: 0.3

vendor:microsoftmodel:windows server standard edition sp1 betascope:eqversion:20031

Trust: 0.3

vendor:microsoftmodel:windows xpscope:eqversion:0

Trust: 0.3

vendor:novellmodel:netwarescope:eqversion:4.1

Trust: 0.3

vendor:microsoftmodel:windows server standard edition sp1scope:eqversion:2003

Trust: 0.3

vendor:bsdimodel:bsd/osscope:eqversion:2.0

Trust: 0.3

vendor:microsoftmodel:windows xp media center editionscope: - version: -

Trust: 0.3

vendor:linuxmodel:kernelscope:neversion:2.0.36

Trust: 0.3

vendor:microsoftmodel:windows xp media center edition sp2scope: - version: -

Trust: 0.3

vendor:microsoftmodel:windows nt workstationscope:eqversion:4.0

Trust: 0.3

vendor:ciscomodel:iosscope:eqversion:10.3

Trust: 0.3

vendor:ciscomodel:ios btscope:neversion:11.0.17

Trust: 0.3

vendor:microsoftmodel:windows server datacenter edition itaniumscope:eqversion:20030

Trust: 0.3

vendor:freebsdmodel:freebsdscope:neversion:3.x

Trust: 0.3

vendor:microsoftmodel:windows nt enterprise server sp1scope:eqversion:4.0

Trust: 0.3

vendor:microsoftmodel:windows server datacenter edition sp1 betascope:eqversion:20031

Trust: 0.3

vendor:microsoftmodel:windows nt enterprise server sp3scope:eqversion:4.0

Trust: 0.3

vendor:ciscomodel:iosscope:neversion:11.2.10

Trust: 0.3

vendor:microsoftmodel:windows nt terminal server sp1scope:eqversion:4.0

Trust: 0.3

vendor:freebsdmodel:freebsdscope:eqversion:2.1.5

Trust: 0.3

vendor:ciscomodel:iosscope:neversion:11.1.7

Trust: 0.3

vendor:bsdimodel:bsd/osscope:eqversion:2.0.1

Trust: 0.3

vendor:microsoftmodel:windows server web edition sp1scope:eqversion:2003

Trust: 0.3

vendor:microsoftmodel:windows nt enterprise server sp2scope:eqversion:4.0

Trust: 0.3

vendor:microsoftmodel:windows xp tablet pc edition sp2scope: - version: -

Trust: 0.3

vendor:microsoftmodel:windows server enterprise edition itanium sp1 betascope:eqversion:20031

Trust: 0.3

vendor:ciscomodel:iosscope:eqversion:11.2

Trust: 0.3

vendor:freebsdmodel:freebsdscope:eqversion:2.2.3

Trust: 0.3

vendor:bsdimodel:bsd/osscope:eqversion:1.1

Trust: 0.3

vendor:linuxmodel:kernelscope:neversion:2.0.33

Trust: 0.3

vendor:microsoftmodel:windows nt terminal server sp3scope:eqversion:4.0

Trust: 0.3

vendor:scomodel:open desktopscope:eqversion:3.0

Trust: 0.3

vendor:microsoftmodel:windows xp embedded sp1scope: - version: -

Trust: 0.3

vendor:freebsdmodel:freebsdscope:eqversion:2.1.6.1

Trust: 0.3

vendor:ciscomodel:ios iascope:neversion:11.1.9

Trust: 0.3

vendor:microsoftmodel:windows xp embeddedscope: - version: -

Trust: 0.3

vendor:hpmodel:hp-uxscope:eqversion:10.16

Trust: 0.3

vendor:netbsdmodel:netbsdscope:neversion:1.3.2

Trust: 0.3

vendor:ciscomodel:ios aascope:neversion:11.1.7

Trust: 0.3

vendor:ciscomodel:iosscope:neversion:11.0.17

Trust: 0.3

vendor:microsoftmodel:windows server datacenter edition itanium sp1 betascope:eqversion:20031

Trust: 0.3

vendor:microsoftmodel:windows nt enterprise serverscope:eqversion:4.0

Trust: 0.3

vendor:microsoftmodel:windows server datacenter editionscope:eqversion:2003

Trust: 0.3

vendor:microsoftmodel:windows nt terminal serverscope:eqversion:4.0

Trust: 0.3

vendor:hpmodel:hp-uxscope:eqversion:9.0

Trust: 0.3

vendor:scomodel:unixwarescope:eqversion:2.1

Trust: 0.3

vendor:microsoftmodel:windows xp professional sp1scope: - version: -

Trust: 0.3

vendor:freebsdmodel:freebsdscope:neversion:2.2.2

Trust: 0.3

vendor:microsoftmodel:windows server standard editionscope:eqversion:2003

Trust: 0.3

vendor:ciscomodel:iosscope:neversion:11.2.4

Trust: 0.3

vendor:microsoftmodel:windows server enterprise editionscope:eqversion:2003x64

Trust: 0.3

vendor:ciscomodel:ios ascope:neversion:10.3.19

Trust: 0.3

vendor:netbsdmodel:netbsdscope:eqversion:1.1

Trust: 0.3

vendor:microsoftmodel:windows xp goldscope:eqversion:0

Trust: 0.3

vendor:ciscomodel:ios f1scope:neversion:11.2.4

Trust: 0.3

vendor:linuxmodel:kernelscope:neversion:2.0.35

Trust: 0.3

vendor:hpmodel:hp-uxscope:eqversion:11.0

Trust: 0.3

vendor:microsoftmodel:windows xp homescope: - version: -

Trust: 0.3

vendor:scomodel:cmw+scope:eqversion:3.0

Trust: 0.3

vendor:freebsdmodel:freebsdscope:eqversion:2.2

Trust: 0.3

vendor:bsdimodel:bsd/osscope:neversion:4.0

Trust: 0.3

vendor:microsoftmodel:windows server web editionscope:eqversion:2003

Trust: 0.3

vendor:freebsdmodel:freebsdscope:eqversion:2.1

Trust: 0.3

vendor:ciscomodel:ios cascope:neversion:11.1.15

Trust: 0.3

vendor:microsoftmodel:windows xp media center edition sp1scope: - version: -

Trust: 0.3

vendor:ciscomodel:ios/700scope:eqversion:1.0

Trust: 0.3

vendor:linuxmodel:kernelscope:eqversion:2.0.30

Trust: 0.3

vendor:sunmodel:sunosscope:eqversion:4.1.4

Trust: 0.3

vendor:ciscomodel:iosscope:eqversion:11.1

Trust: 0.3

vendor:microsoftmodel:windows nt server sp3scope:eqversion:4.0

Trust: 0.3

vendor:microsoftmodel:windowsscope:eqversion:95

Trust: 0.3

vendor:linuxmodel:kernelscope:neversion:2.2.10

Trust: 0.3

vendor:ciscomodel:catalyst supervisor softwarescope:neversion:29xx2.4.401

Trust: 0.3

vendor:linuxmodel:kernelscope:neversion:2.0.37

Trust: 0.3

vendor:sunmodel:sunos u1scope:eqversion:4.1.3

Trust: 0.3

vendor:microsoftmodel:windows ntscope:eqversion:3.5.1

Trust: 0.3

vendor:hpmodel:hp-uxscope:eqversion:10.24

Trust: 0.3

vendor:hpmodel:hp-uxscope:eqversion:10.0

Trust: 0.3

vendor:marconimodel:atm switchscope:eqversion:6.1.1

Trust: 0.3

vendor:linuxmodel:kernelscope:neversion:2.0.32

Trust: 0.3

vendor:microsoftmodel:windows nt server sp1scope:eqversion:4.0

Trust: 0.3

vendor:microsoftmodel:windows nt terminal server sp4scope:neversion:4.0

Trust: 0.3

vendor:microsoftmodel:windows xp professional sp2scope: - version: -

Trust: 0.3

vendor:microsoftmodel:windows xp home sp2scope: - version: -

Trust: 0.3

vendor:ciscomodel:catalyst supervisor softwarescope:neversion:29xx2.1.1102

Trust: 0.3

vendor:netbsdmodel:netbsdscope:eqversion:1.2.1

Trust: 0.3

vendor:microsoftmodel:windows xp 64-bit edition sp1scope: - version: -

Trust: 0.3

vendor:scomodel:open serverscope:eqversion:5.0

Trust: 0.3

vendor:microsoftmodel:windows xp 64-bit edition version sp1scope:eqversion:2003

Trust: 0.3

vendor:freebsdmodel:freebsdscope:neversion:2.2.8

Trust: 0.3

vendor:microsoftmodel:windows nt workstation sp1scope:eqversion:4.0

Trust: 0.3

vendor:microsoftmodel:windows nt server sp2scope:eqversion:4.0

Trust: 0.3

vendor:ciscomodel:ios pscope:neversion:11.2.9

Trust: 0.3

vendor:marconimodel:atm switchscope:eqversion:7.0.1

Trust: 0.3

vendor:microsoftmodel:windows server datacenter edition sp1scope:eqversion:2003

Trust: 0.3

vendor:freebsdmodel:freebsdscope:eqversion:2.2.4

Trust: 0.3

vendor:microsoftmodel:windows nt server sp4scope:neversion:4.0

Trust: 0.3

vendor:microsoftmodel:windows nt serverscope:eqversion:4.0

Trust: 0.3

vendor:ciscomodel:iosscope:neversion:11.1.15

Trust: 0.3

vendor:microsoftmodel:windows server enterprise editionscope:eqversion:2003

Trust: 0.3

vendor:freebsdmodel:freebsdscope:eqversion:2.1.6

Trust: 0.3

vendor:hpmodel:hp-uxscope:eqversion:10.20

Trust: 0.3

vendor:bsdimodel:bsd/osscope:neversion:4.0.1

Trust: 0.3

vendor:microsoftmodel:windows xp 64-bit edition versionscope:eqversion:2003

Trust: 0.3

vendor:ciscomodel:ios cascope:neversion:11.1.7

Trust: 0.3

vendor:microsoftmodel:windows server datacenter edition itanium sp1scope:eqversion:2003

Trust: 0.3

vendor:netbsdmodel:netbsdscope:eqversion:1.2

Trust: 0.3

vendor:microsoftmodel:windows nt terminal server sp2scope:eqversion:4.0

Trust: 0.3

vendor:freebsdmodel:freebsdscope:eqversion:2.1x

Trust: 0.3

vendor:microsoftmodel:windows server datacenter editionscope:eqversion:2003x64

Trust: 0.3

vendor:microsoftmodel:windows server web edition sp1 betascope:eqversion:20031

Trust: 0.3

vendor:hpmodel:hp-uxscope:eqversion:10.30

Trust: 0.3

sources: BID: 13658 // JVNDB: JVNDB-2005-000332 // CNNVD: CNNVD-200505-1102 // NVD: CVE-2005-1649

CVSS

SEVERITY

CVSSV2

CVSSV3

NVD: CVE-2005-1649
value: MEDIUM

Trust: 1.8

CNNVD: CNNVD-200505-1102
value: MEDIUM

Trust: 0.6

NVD: CVE-2005-1649
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:N/I:N/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: PARTIAL
exploitabilityScore: NONE
impactScore: NONE
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

sources: JVNDB: JVNDB-2005-000332 // CNNVD: CNNVD-200505-1102 // NVD: CVE-2005-1649

PROBLEMTYPE DATA

problemtype:NVD-CWE-Other

Trust: 1.0

sources: NVD: CVE-2005-1649

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-200505-1102

TYPE

other

Trust: 0.6

sources: CNNVD: CNNVD-200505-1102

CONFIGURATIONS

sources: NVD: CVE-2005-1649

PATCH

title:Top Pageurl:http://www.microsoft.com/ja/jp/default.aspx

Trust: 0.8

sources: JVNDB: JVNDB-2005-000332

EXTERNAL IDS

db:NVDid:CVE-2005-1649

Trust: 2.7

db:BIDid:13658

Trust: 2.7

db:VUPENid:ADV-2005-0559

Trust: 1.6

db:JVNDBid:JVNDB-2005-000332

Trust: 0.8

db:NTBUGTRAQid:20050516 WINDOWS (XP, 2K3, LONGHORN) IS VULNERABLE TO IPV6 LAND ATTACK.

Trust: 0.6

db:CNNVDid:CNNVD-200505-1102

Trust: 0.6

sources: BID: 13658 // JVNDB: JVNDB-2005-000332 // CNNVD: CNNVD-200505-1102 // NVD: CVE-2005-1649

REFERENCES

url:http://www.securityfocus.com/bid/13658

Trust: 2.4

url:http://www.ntbugtraq.com/default.aspx?pid=36&sid=1&a2=ind0505&l=ntbugtraq&p=r409&d=0&f=n&h=0&o=d&t=0

Trust: 1.6

url:http://www.frsirt.com/english/advisories/2005/0559

Trust: 1.4

url:http://www.vupen.com/english/advisories/2005/0559

Trust: 1.0

url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2005-1649

Trust: 0.8

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2005-1649

Trust: 0.8

url:http://support.avaya.com/elmodocs2/security/asa-2006-217.htm

Trust: 0.3

url:http://www.microsoft.com/technet/security/bulletin/ms05-019.mspx

Trust: 0.3

url:http://www.microsoft.com/technet/security/bulletin/ms06-064.mspx

Trust: 0.3

url:http://support.microsoft.com/support/kb/articles/q165/0/05.asp

Trust: 0.3

url:http://support.microsoft.com/support/kb/articles/q177/5/39.asp

Trust: 0.3

url:http://support.novell.com/cgi-bin/search/tidfinder.cgi?2932511

Trust: 0.3

url:http://www.cisco.com/warp/public/770/land-pub.shtml#iosvers

Trust: 0.3

url:http://www.securityfocus.com/archive/1/392354

Trust: 0.3

url:/archive/1/392642

Trust: 0.3

url:/archive/1/393045

Trust: 0.3

url:/archive/1/400188

Trust: 0.3

url:/archive/1/392354

Trust: 0.3

sources: BID: 13658 // JVNDB: JVNDB-2005-000332 // CNNVD: CNNVD-200505-1102 // NVD: CVE-2005-1649

CREDITS

Konrad Malewski※ koyot@moon.ondraszek.ds.polsl.gliwice.pl

Trust: 0.6

sources: CNNVD: CNNVD-200505-1102

SOURCES

db:BIDid:13658
db:JVNDBid:JVNDB-2005-000332
db:CNNVDid:CNNVD-200505-1102
db:NVDid:CVE-2005-1649

LAST UPDATE DATE

2022-05-04T06:52:39.224000+00:00


SOURCES UPDATE DATE

db:BIDid:13658date:2016-07-06T14:40:00
db:JVNDBid:JVNDB-2005-000332date:2007-04-01T00:00:00
db:CNNVDid:CNNVD-200505-1102date:2005-10-25T00:00:00
db:NVDid:CVE-2005-1649date:2017-01-20T02:59:00

SOURCES RELEASE DATE

db:BIDid:13658date:2005-05-17T00:00:00
db:JVNDBid:JVNDB-2005-000332date:2007-04-01T00:00:00
db:CNNVDid:CNNVD-200505-1102date:1997-11-13T00:00:00
db:NVDid:CVE-2005-1649date:2005-05-18T04:00:00