Vulnerabilities > CVE-2007-3038 - Unspecified vulnerability in Microsoft Windows Vista
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
COMPLETE Integrity impact
NONE Availability impact
NONE Summary
The Teredo interface in Microsoft Windows Vista and Vista x64 Edition does not properly handle certain network traffic, which allows remote attackers to bypass firewall blocking rules and obtain sensitive information via crafted IPv6 traffic, aka "Windows Vista Firewall Blocking Rule Information Disclosure Vulnerability."
Vulnerable Configurations
Part | Description | Count |
---|---|---|
OS | 2 |
Nessus
NASL family | Windows : Microsoft Bulletins |
NASL id | SMB_NT_MS07-038.NASL |
description | The remote version of Windows Vista contains a firewall that suffers from an information disclosure vulnerability. By sending specially crafted packets, an attacker may be able to access some ports of the remote host by going through its Teredo interface. |
last seen | 2020-06-01 |
modified | 2020-06-02 |
plugin id | 25689 |
published | 2007-07-10 |
reporter | This script is Copyright (C) 2007-2018 Tenable Network Security, Inc. |
source | https://www.tenable.com/plugins/nessus/25689 |
title | MS07-038: Vulnerability in Windows Vista Firewall Could Allow Information Disclosure (935807) |
code |
|
Oval
accepted | 2007-08-20T08:04:39.445-04:00 | ||||||||
class | vulnerability | ||||||||
contributors |
| ||||||||
definition_extensions |
| ||||||||
description | The Teredo interface in Microsoft Windows Vista and Vista x64 Edition does not properly handle certain network traffic, which allows remote attackers to bypass firewall blocking rules and obtain sensitive information via crafted IPv6 traffic, aka "Windows Vista Firewall Blocking Rule Information Disclosure Vulnerability." | ||||||||
family | windows | ||||||||
id | oval:org.mitre.oval:def:1884 | ||||||||
status | accepted | ||||||||
submitted | 2007-07-10T18:34:24 | ||||||||
title | Windows Vista Firewall Blocking Rule Information Disclosure Vulnerability | ||||||||
version | 69 |
References
- http://archive.cert.uni-stuttgart.de/bugtraq/2007/07/msg00254.html
- http://osvdb.org/35952
- http://secunia.com/advisories/26001
- http://www.kb.cert.org/vuls/id/101321
- http://www.securityfocus.com/archive/1/473294/100/0/threaded
- http://www.securityfocus.com/bid/24779
- http://www.securitytracker.com/id?1018354
- http://www.symantec.com/content/en/us/enterprise/research/SYMSA-2007-005.txt
- http://www.us-cert.gov/cas/techalerts/TA07-191A.html
- http://www.vupen.com/english/advisories/2007/2480
- https://docs.microsoft.com/en-us/security-updates/securitybulletins/2007/ms07-038
- https://exchange.xforce.ibmcloud.com/vulnerabilities/35322
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1884