RSS   Podatności dla 'Teredo'   RSS

2006-12-04
 
CVE-2006-6266

CWE-Other
 

 
Teredo clients, when following item 6 of RFC4380 section 5.2.3, start direct IPv6 connectivity tests (aka ping tests) in response to packets from non-Teredo source addresses, which might allow remote attackers to induce Teredo clients to send packets to third parties.

 
 
CVE-2006-6265

CWE-Other
 

 
Teredo clients, when located behind a restricted NAT, allow remote attackers to establish an inbound connection without the guessing required to find a port mapping for a traditional restricted NAT client, by (1) using the client port number contained in the Teredo address or (2) following the bubble-to-open procedure.

 
 
CVE-2006-6264

CWE-Other
 

 
Teredo creates trusted peer entries for arbitrary incoming source Teredo addresses, even if the low 32 bits represent an intranet address, which might allow remote attackers to send IPv4 traffic to intranet hosts that use non-RFC1918 addresses, bypassing IPv4 ingress filtering.

 
 
CVE-2006-6263

CWE-Other
 

 
Teredo clients, when source routing is enabled, recognize a Routing header in an encapsulated IPv6 packet and send the packet to the next hop, which might allow remote attackers to bypass policies of certain Internet gateways that drop all source-routed packets.

 

 >>> Vendor: Microsoft 622 Produkty
Exchange server
Internet information server
Site server
Proxy server
Frontpage
Personal web server
Windows 95
Windows nt
Winsock
IE
Commerce server
Windows 2000
WINS
Netmeeting
WORD
Windows 98
Access
Backoffice
Backoffice resource kit
Office
Outlook
Project
Visual basic
Terminal server
All windows
Excel
Hotmail
Java virtual machine
Commercial internet system
Site server commerce
Windows 98se
Outlook express
Windows explorer
Sql server
Data access components
Index server
Sna server
Zero administration kit
Powerpoint
Msn setup bulletin board services
Visual interdev
Webtv
Office converter pack
Systems management server
Virtual machine
Visual studio
Clip art
Greetings
Home publishing
Data engine
Windows media services
Windows messaging
Windows media rights manager
JET
Active movie control
Photodraw 2000
Works
Money
Network monitor
Windows media player
Indexing service
Windows me
MSDE
Windows xp
Windows script host
PLUS
Windows ce
BING
Isa server
Frontpage server extensions
Services
Windows 2000 terminal services
Interix
Xml core services
Entourage
Msn chat control
Msn messenger
Msn messenger service for exchange
.net framework
Windows 98 plus pack
Microsoft data access components
Visual foxpro
Metadirectory services
Content management server
Tsac activex control
Office web components
Windows help
Ie for macintosh
.net windows server
Directx files viewer control
File transfer manager
Baseline security analyzer
Foundation class library
Windows 2003 server
Network firmware
Windows-nt
Biztalk server
Directx
Visio
Ftp service
Zobacz wszystkie produkty dla producenta Microsoft


Copyright 2024, cxsecurity.com

 

Back to Top