[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Full-disclosure] Microsoft Windows TCP/IP Timestamps Code Execution Vulnerability

To: full-disclosure@xxxxxxxxxxxxxxxxx
Subject: [Full-disclosure] Microsoft Windows TCP/IP Timestamps Code Execution Vulnerability
From: Ivan Security <ivanchukl@xxxxxxxxx>
Date: Fri, 27 Nov 2009 01:59:26 -0300

Hi list,

Has anyone more details about this vulnerability?. The advisory just say:
"The vulnerability exists due to the TCP/IP stack not cleaning up state
information correctly. This causes the TCP/IP stack to reference a field as
a function pointer when it actually contains other information"
I'd like to know a bit more in order to test it and make some research.

Regards,

Ivan.

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Follow-Ups:
- Re: [Full-disclosure] Microsoft Windows TCP/IP Timestamps Code Execution Vulnerability
  - From: webDEViL
- Re: [Full-disclosure] Microsoft Windows TCP/IP Timestamps Code Execution Vulnerability
  - From: Fernando Gont

Prev by Date: Re: [Full-disclosure] Good thing we have EFF...
Next by Date: Re: [Full-disclosure] Microsoft Windows TCP/IP Timestamps Code Execution Vulnerability
Previous by thread: Re: [Full-disclosure] Good thing we have EFF...
Next by thread: Re: [Full-disclosure] Microsoft Windows TCP/IP Timestamps Code Execution Vulnerability
Index(es):
- Date
- Thread