Vulnerabilities > CVE-2007-1533 - Unspecified vulnerability in Microsoft Windows Vista

CVSS 5.0 - MEDIUM

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

PARTIAL

Availability impact

NONE

network

low complexity

microsoft

NVD

Published: 2007-03-20

Updated: 2018-10-16

Summary

The Teredo implementation in Microsoft Windows Vista uses the same nonce for communication with different UDP ports within a solicitation session, which makes it easier for remote attackers to spoof the nonce through brute force attacks.

Vulnerable Configurations

Part	Description	Count
OS	Microsoft Microsoft Windows Vista *	1

References

http://osvdb.org/33666
http://www.securityfocus.com/archive/1/462793/100/0/threaded
http://www.securityfocus.com/archive/1/464617/100/0/threaded
http://www.securityfocus.com/bid/23301
http://www.symantec.com/avcenter/reference/Vista_Network_Attack_Surface_RTM.pdf
http://www.symantec.com/enterprise/security_response/weblog/2007/04/microsofts_inaccurate_teredo_d.html