MS10-029: Vulnerability in Windows ISATAP Component Could Allow Spoofing (978338)

medium Nessus Plugin ID 45516

Synopsis

The remote host is vulnerable to network spoofing attacks.

Description

A spoofing vulnerability exists in the Microsoft Windows IPv6 stack due to the way Windows checks the inner packet's IPv6 source address in a tunneled ISATAP packet.

A remote attacker could exploit this by spoofing a trusted IP address, which could be used to bypass security restrictions based on source IP. This could also be exploited to disclose information if a targeted host replies to the message using the spoofed IPv6 address.

Solution

Microsoft has released a set of patches for Windows XP, 2003, Vista, and 2008.

See Also

https://www.nessus.org/u?e9b02375

Plugin Details

Severity: Medium

ID: 45516

File Name: smb_nt_ms10-029.nasl

Version: 1.21

Type: local

Agent: windows

Published: 4/13/2010

Updated: 8/5/2020

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Low

Score: 3.6

CVSS v2

Risk Factor: Medium

Base Score: 6.4

Temporal Score: 4.7

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:N

CVSS Score Source: CVE-2010-0812

Vulnerability Information

CPE: cpe:/o:microsoft:windows

Required KB Items: SMB/MS_Bulletin_Checks/Possible

Exploit Ease: No known exploits are available

Patch Publication Date: 4/13/2010

Vulnerability Publication Date: 4/13/2010

Reference Information

CVE: CVE-2010-0812

BID: 39352

IAVB: 2010-B-0030-S

MSFT: MS10-029

MSKB: 978338