Vulnerabilities > CVE-2010-0242 - Resource Management Errors vulnerability in Microsoft Windows Server 2008 and Windows Vista
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN Summary
The TCP/IP implementation in Microsoft Windows Vista Gold, SP1, and SP2 and Server 2008 Gold and SP2 allows remote attackers to cause a denial of service (system hang) via crafted packets with malformed TCP selective acknowledgement (SACK) values, aka "TCP/IP Selective Acknowledgement Vulnerability."
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| OS | 11 |
Common Weakness Enumeration (CWE)
Msbulletin
| bulletin_id | MS10-009 |
| bulletin_url | |
| date | 2010-02-09T00:00:00 |
| impact | Remote Code Execution |
| knowledgebase_id | 974145 |
| knowledgebase_url | |
| severity | Critical |
| title | Vulnerabilities in Windows TCP/IP Could Allow Remote Code Execution |
Nessus
NASL family Windows NASL id WIN_SERVER_2008_NTLM_PCI.NASL description According to the version number obtained by NTLM the remote host has Windows Server 2008 installed. The host may be vulnerable to a number of vulnerabilities including remote unauthenticated code execution. last seen 2020-06-01 modified 2020-06-02 plugin id 108811 published 2018-04-03 reporter This script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/108811 title Windows Server 2008 Critical RCE Vulnerabilities (uncredentialed) (PCI/DSS) NASL family Windows : Microsoft Bulletins NASL id SMB_NT_MS10-009.NASL description The remote Windows host has the following vulnerabilities in its TCP/IP implementation : - Hosts with IPv6 enabled perform insufficient bounds checking when processing specially crafted ICMPv6 Router Advertisement packets. A remote attacker could exploit this to execute arbitrary code. (CVE-2010-0239) - Specially crafted Encapsulating Security Payloads (ESP) are not processed properly. A remote attacker could exploit this to execute arbitrary code. (CVE-2010-0240) - Hosts with IPv6 enabled perform insufficient bounds checking when processing specially crafted ICMPv6 Route Information packets. A remote attacker could exploit this to execute arbitrary code. (CVE-2010-0241) - Specially crafted TCP packets with a malformed selective acknowledgment (SACK) value can cause the system to stop responding and automatically restart. A remote attacker could exploit this to cause a denial of service. (CVE-2009-0242) last seen 2020-06-01 modified 2020-06-02 plugin id 44419 published 2010-02-09 reporter This script is Copyright (C) 2010-2018 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/44419 title MS10-009: Vulnerabilities in Windows TCP/IP Could Allow Remote Code Execution (974145)
Oval
| accepted | 2010-03-22T04:00:15.773-04:00 | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
| class | vulnerability | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
| contributors |
| ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
| definition_extensions |
| ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
| description | The TCP/IP implementation in Microsoft Windows Vista Gold, SP1, and SP2 and Server 2008 Gold and SP2 allows remote attackers to cause a denial of service (system hang) via crafted packets with malformed TCP selective acknowledgement (SACK) values, aka "TCP/IP Selective Acknowledgement Vulnerability." | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
| family | windows | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
| id | oval:org.mitre.oval:def:8449 | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
| status | accepted | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
| submitted | 2010-02-08T13:00:00 | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
| title | TCP/IP Selective Acknowledgement Vulnerability | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
| version | 41 |
Seebug
| bulletinFamily | exploit |
| description | BUGTRAQ ID: 38064 CVE ID: CVE-2010-0242 Microsoft Windows是微软发布的非常流行的操作系统。 Windows的TCP/IP栈在处理设置了畸形选择性应答(SACK)值的TCP报文时存在拒绝服务漏洞,远程攻击者可以向目标系统发送少量的特制报文导致受影响的系统停止响应和自动重启。 Microsoft Windows Vista SP2 Microsoft Windows Vista SP1 Microsoft Windows Vista Microsoft Windows Server 2008 SP2 Microsoft Windows Server 2008 厂商补丁: Microsoft --------- Microsoft已经为此发布了一个安全公告(MS10-009)以及相应补丁: MS10-009:Vulnerabilities in Windows TCP/IP Could Allow Remote Code Execution (974145) 链接:http://www.microsoft.com/technet/security/Bulletin/MS10-009.mspx?pf=true |
| id | SSV:19153 |
| last seen | 2017-11-19 |
| modified | 2010-02-20 |
| published | 2010-02-20 |
| reporter | Root |
| title | Microsoft Windows TCP/IP栈选择性应答远程拒绝服务漏洞(MS10-009) |
References
- http://www.us-cert.gov/cas/techalerts/TA10-040A.html
- http://www.us-cert.gov/cas/techalerts/TA10-040A.html
- https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-009
- https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-009
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8449
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8449