Microsoft Windows TCP Stack DoS 漏洞

漏洞信息详情

Microsoft Windows TCP Stack DoS 漏洞

• CNNVD编号：CNNVD-200212-709
• 危害等级： 中危
  
  
• CVE编号：
  CVE-2002-1712
  
• 漏洞类型：
  
  
  其他
  
• 发布时间：
  
  2002-12-31
  
• 威胁类型：
  
  
  远程
  
• 更新时间：
  
  2005-10-20
  
• 厂        商：
  
  microsoft
• 漏洞来源：
  Posted to Bugtraq …

Microsoft Windows 2000存在漏洞。远程攻击者通过发送一大批将ACK和FIN二进制数调到NetBIOS端口(TCP/139)的空TCP/IP数据包导致服务拒绝（内存消耗），正如stream3。

Microsoft has acknowledged this issue in Windows 2000 and can be addressed by installing Service Pack 2.
Microsoft Windows 2000 Professional

• Microsoft W2KSP2
  
  http://download.microsoft.com/download/win2000platform/SP/SP2/NT5/EN-U
  S/W2KSP2.exe

Microsoft Windows 2000 Advanced Server SP1

• Microsoft W2KSP2
  
  http://download.microsoft.com/download/win2000platform/SP/SP2/NT5/EN-U
  S/W2KSP2.exe

Microsoft Windows 2000 Professional SP1

• Microsoft W2KSP2
  
  http://download.microsoft.com/download/win2000platform/SP/SP2/NT5/EN-U
  S/W2KSP2.exe

Microsoft Windows 2000 Server SP1

• Microsoft W2KSP2
  
  http://download.microsoft.com/download/win2000platform/SP/SP2/NT5/EN-U
  S/W2KSP2.exe

Microsoft Windows 2000 Advanced Server

• Microsoft W2KSP2
  
  http://download.microsoft.com/download/win2000platform/SP/SP2/NT5/EN-U
  S/W2KSP2.exe

Microsoft Windows 2000 Server

• Microsoft W2KSP2
  
  http://download.microsoft.com/download/win2000platform/SP/SP2/NT5/EN-U
  S/W2KSP2.exe

来源: XF
名称: win2k-empty-tcp-dos(8037)
链接:http://xforce.iss.net/xforce/xfdb/8037

来源: BID
名称: 3967
链接:http://www.securityfocus.com/bid/3967

来源: MSKB
名称: Q280446
链接:http://support.microsoft.com/default.aspx?scid=kb;EN-US;q280446