Vulnerability in TCP/IP Could Allow Remote Code Execution (2588516) Just so you know now with the POC, and probably exploits running around, probably best to get this patch on your Windows 2008,R2 Windows Vista and Windows 7 systems sooner than laters.
http://pastebin.com/fjZ1k0fi Now they are developing proof of concepts. I would hope that at day one your firewall guys would be getting alerts. 1. MS11-083 DoS/PoC exploit 2. * ======================== 3. * This attempts to trigger the ICMP refCount overflow 4. * in TCP/IP stack of Win7/Vista/Win2k8 hosts. This 5. * requires sending 2^32 UDP packets to a host on a closed 6. * port, or 4,294,967,296 packets. A dereference function 7. * must be called that is not triggered via UDP but ICMP 8. * echo packets. This exploit creates 250 threads and 9. * floods a host with UDP packets and then attempts to 10. * trigger the de-ref using ping. I calculated that it 11. * would take approximately 52 days for the host to 12. * enter a condition where this vulnerability is 13. * triggerable. Z Edward E. Ziots CISSP, Network +, Security + Security Engineer Lifespan Organization Email:ezi...@lifespan.org Cell:401-639-3505 ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
<<image001.jpg>>
