Vulnerabilities > CVE-2014-1811 - Resource Management Errors vulnerability in Microsoft products
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
NONE Integrity impact
NONE Availability impact
PARTIAL Summary
The TCP implementation in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows remote attackers to cause a denial of service (non-paged pool memory consumption and system hang) via malformed data in the Options field of a TCP header, aka "TCP Denial of Service Vulnerability."
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| OS | 11 |
Common Weakness Enumeration (CWE)
Msbulletin
| bulletin_id | MS14-031 |
| bulletin_url | |
| date | 2014-06-10T00:00:00 |
| impact | Denial of Service |
| knowledgebase_id | 2962478 |
| knowledgebase_url | |
| severity | Important |
| title | Vulnerability in TCP Protocol Could Allow Denial of Service |
Nessus
| NASL family | Windows : Microsoft Bulletins |
| NASL id | SMB_NT_MS14-031.NASL |
| description | The remote Windows host is affected by a denial of service vulnerability due to the Windows TCP/IP stack improperly handling certain traffic. An attacker could exploit this vulnerability by sending a sequence of specially crafted TCP packets to cause a target system to stop responding until it is restarted. |
| last seen | 2020-06-01 |
| modified | 2020-06-02 |
| plugin id | 74423 |
| published | 2014-06-11 |
| reporter | This script is Copyright (C) 2014-2018 Tenable Network Security, Inc. |
| source | https://www.tenable.com/plugins/nessus/74423 |
| title | MS14-031: Vulnerability in TCP Protocol Could Allow Denial of Service (2962478) |