Buffer Overflow In Vista's Tcp/ip Stack


Recommended Posts

24 November 2008, 12:57

Buffer overflow in Vista's TCP/IP stack

"Researchers at Austrian firewall maker phion AG have discovered a local vulnerability in Windows Vista's TCP/IP stack that may be exploited to obtain complete control of the operating system. Phion's security advisory says that calling the Windows CreateIpForwardEntry2 API function with a cunningly chosen parameter causes a kernel memory area to be overwritten, so that the system crashes with the dreaded blue screen. The same effect can reportedly be achieved by issuing the command route add and inputting a net mask with more than 32 bits as a parameter – evidently this command uses the same Windows function."

Heise Security: http://www.heise-online.co.uk/security/Buf...k--/news/112040

Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.