MS11-064: Vulnerabilities in TCP/IP Stack Could Allow Denial of Service (2563894)
High Nessus Plugin ID 55794
SynopsisThe remote Windows host is susceptible to denial of service attacks.
DescriptionThe TCP/IP stack in use on the remote Windows host is potentially affected by the following denial of service vulnerabilities :
- By sending a sequence of specially crafted ICMP messages, an unauthenticated, remote attacker could cause the affected host to stop responding and automatically reboot. (CVE-2011-1871)
- By sending a request with a specially crafted URL, an unauthenticated, remote attacker may be able to cause the affected host to stop responding and automatically reboot if it is serving web content and has URL-based QoS (Quality of Service) enabled. (CVE-2011-1965)
SolutionMicrosoft has released a set of patches for Windows Vista, 2008, 7, and 2008 R2.