Signature Detail

TCP: Microsoft Windows TCP Orphaned Connections Denial Of Service

This signature detects attempts to exploit a known vulnerability against Microsoft Windows TCP/IP stack. A successful attack can result in a denial-of-service condition. This is an old issue and newer versions of OS are unaffected by this vulnerability.

Extended Description

Microsoft Windows TCP/IP protocol implementation is prone to a remote denial-of-service vulnerability. An attacker can exploit this issue to crash the affected computer, denying service to legitimate users.

Affected Products

• Avaya Messaging Application Server MM 1.1
• Avaya Messaging Application Server MM 2.0
• Avaya Messaging Application Server MM 3.0
• Avaya Messaging Application Server MM 3.1
• Avaya Messaging Application Server
• Microsoft Windows 2000 Advanced Server SP1
• Microsoft Windows 2000 Advanced Server SP2
• Microsoft Windows 2000 Advanced Server SP3
• Microsoft Windows 2000 Advanced Server SP4
• Microsoft Windows 2000 Advanced Server
• Microsoft Windows 2000 Datacenter Server SP1
• Microsoft Windows 2000 Datacenter Server SP2
• Microsoft Windows 2000 Datacenter Server SP3
• Microsoft Windows 2000 Datacenter Server SP4
• Microsoft Windows 2000 Datacenter Server
• Microsoft Windows 2000 Professional SP1
• Microsoft Windows 2000 Professional SP2
• Microsoft Windows 2000 Professional SP3
• Microsoft Windows 2000 Professional SP4
• Microsoft Windows 2000 Professional
• Microsoft Windows Server 2003 SP1
• Microsoft Windows Server 2003 SP2
• Microsoft Windows Server 2003 Datacenter Edition
• Microsoft Windows Server 2003 Datacenter Edition Itanium SP1
• Microsoft Windows Server 2003 Datacenter Edition Itanium SP1 Beta 1
• Microsoft Windows Server 2003 Datacenter Edition Itanium
• Microsoft Windows Server 2003 Datacenter x64 Edition SP2
• Microsoft Windows Server 2003 Datacenter x64 Edition
• Microsoft Windows Server 2003 Enterprise Edition
• Microsoft Windows Server 2003 Enterprise Edition Itanium SP1
• Microsoft Windows Server 2003 Enterprise Edition Itanium
• Microsoft Windows Server 2003 Enterprise x64 Edition SP2
• Microsoft Windows Server 2003 Enterprise x64 Edition
• Microsoft Windows Server 2003 Itanium SP1
• Microsoft Windows Server 2003 Itanium SP2
• Microsoft Windows Server 2003 Itanium
• Microsoft Windows Server 2003 Standard Edition SP1
• Microsoft Windows Server 2003 Standard Edition SP2
• Microsoft Windows Server 2003 Standard Edition
• Microsoft Windows Server 2003 Web Edition SP2
• Microsoft Windows Server 2003 x64 SP1
• Microsoft Windows Server 2003 x64 SP2
• Microsoft Windows Server 2008 for 32-bit Systems SP2
• Microsoft Windows Server 2008 for 32-bit Systems
• Microsoft Windows Server 2008 for Itanium-based Systems SP2
• Microsoft Windows Server 2008 for Itanium-based Systems
• Microsoft Windows Server 2008 for x64-based Systems SP2
• Microsoft Windows Server 2008 for x64-based Systems
• Microsoft Windows Vista Business
• Microsoft Windows Vista Business SP1
• Microsoft Windows Vista Business SP2
• Microsoft Windows Vista Enterprise
• Microsoft Windows Vista Enterprise SP1
• Microsoft Windows Vista Enterprise SP2
• Microsoft Windows Vista Home Basic
• Microsoft Windows Vista Home Basic SP1
• Microsoft Windows Vista Home Basic SP2
• Microsoft Windows Vista Home Premium
• Microsoft Windows Vista Home Premium SP1
• Microsoft Windows Vista Home Premium SP2
• Microsoft Windows Vista SP1
• Microsoft Windows Vista SP2
• Microsoft Windows Vista Ultimate SP1
• Microsoft Windows Vista Ultimate SP2
• Microsoft Windows Vista
• Microsoft Windows Vista Business 64-bit edition SP1
• Microsoft Windows Vista Business 64-bit edition SP2
• Microsoft Windows Vista Business 64-bit edition
• Microsoft Windows Vista Enterprise 64-bit edition SP1
• Microsoft Windows Vista Enterprise 64-bit edition SP2
• Microsoft Windows Vista Enterprise 64-bit edition
• Microsoft Windows Vista Home Basic 64-bit edition SP1
• Microsoft Windows Vista Home Basic 64-bit edition SP2
• Microsoft Windows Vista Home Basic 64-bit edition
• Microsoft Windows Vista Home Premium 64-bit edition SP1
• Microsoft Windows Vista Home Premium 64-bit edition SP2
• Microsoft Windows Vista Home Premium 64-bit edition
• Microsoft Windows Vista Ultimate 64-bit edition SP1
• Microsoft Windows Vista Ultimate 64-bit edition SP2
• Microsoft Windows Vista Ultimate 64-bit edition
• Microsoft Windows Vista x64 Edition SP1
• Microsoft Windows Vista x64 Edition SP2
• Microsoft Windows Vista x64 Edition
• Microsoft Windows XP Embedded SP2
• Microsoft Windows XP Embedded SP3
• Microsoft Windows XP Home SP2
• Microsoft Windows XP Home SP3
• Microsoft Windows XP Media Center Edition SP2
• Microsoft Windows XP Media Center Edition SP3
• Microsoft Windows XP Professional SP2
• Microsoft Windows XP Professional SP3
• Microsoft Windows XP Professional x64 Edition SP2
• Microsoft Windows XP Tablet PC Edition SP2
• Microsoft Windows XP Tablet PC Edition SP3
• Nortel Networks CallPilot 1002Rp
• Nortel Networks CallPilot 1005R
• Nortel Networks CallPilot 201I
• Nortel Networks CallPilot 202I
• Nortel Networks CallPilot 600R
• Nortel Networks CallPilot 703T
• Nortel Networks Contact Center Administration
• Nortel Networks Contact Center Express
• Nortel Networks Contact Center Manager Server
• Nortel Networks Contact Center NCC
• Nortel Networks Contact Center - TAPI Server
• Nortel Networks Self-Service - CCSS7
• Nortel Networks Self-Service CCXML
• Nortel Networks Self-Service MPS 100
• Nortel Networks Self-Service MPS 1000
• Nortel Networks Self-Service MPS 500
• Nortel Networks Self-Service Peri Application
• Nortel Networks Self-Service Peri Workstation
• Nortel Networks Self-Service Speech Server
• Nortel Networks Self Service VoiceXML
• Nortel Networks Self-Service WVADS
• Nortel Networks Symposium Agent

References

• BugTraq: 36269
• CVE: CVE-2009-1926