BeyondTrust

Security in Context: The BeyondTrust Blog

Welcome to the Zeroday Tracker: Your Vulnerability Watchlist

Get critical updates on the latest zeroday threats, including impact, mitigation and protection information - only from BeyondTrust.

Internet Connection Sharing DoS

Disclosed October 28, 2006    Fully Patched

Vulnerability Description:

A denial of service vulnerability exists within the Internet Connection Sharing service in Microsoft Windows XP. This vulnerability allows a LAN-side attacker to send a specialy-crafted DNS request to a vulnerable host in order to cause a denial of service for the ICS service, which also includes the Windows firewall service, potentially fostering further exploitation when the firewall is taken offline.

Vendors:

Microsoft

Vulnerable Software/Devices:

Windows XP SP2 and prior

Vulnerability Severity:

Medium

Exploit Availability:

N/A

BeyondTrust Prevention and Detection:

BeyondTrust's Retina® Network Security Scanner scans devices to detect for this vulnerability.

  • 5590 - Internet Connection Sharing DoS

Mitigation:

The only form of mitigation for this vulnerability is to deny service to the Internet Connection Sharing Service by disabling the service, or blocking udp/53 on the host running ICS.

Links:

CVE(s):

None

Leave a Reply