Signature Detail
Short Name |
UDP:MS-WINDOWS-TCP-IP-CNTR |
|---|---|
Severity |
Medium |
Recommended |
No |
Recommended Action |
Drop |
Category |
UDP |
Keywords |
Microsoft Windows TCP-IP Reference Counter Overflow |
Release Date |
2013/01/08 |
Update Number |
2223 |
Supported Platforms |
idp-4.0+, isg-3.0+, j-series-9.5+, mx-9.4+, srx-9.2+, srx-branch-9.4+, vsrx-12.1+ |
UDP: Microsoft Windows TCP-IP Reference Counter Overflow
This signature detects attempts to exploit a known vulnerability in Microsoft Windows. It is due to an error while handling a stream of specially crafted UDP packets. A remote, unauthenticated attacker can exploit this vulnerability by sending a specially crafted stream of UDP packets to the affected system. This can lead to code execution in the context of Ring 0 (Kernel). If code execution is unsuccessful, the operating system might crash resulting in denial-of-service condition.
Extended Description
Integer overflow in the TCP/IP implementation in Microsoft Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows remote attackers to execute arbitrary code by sending a sequence of crafted UDP packets to a closed port, aka "Reference Counter Overflow Vulnerability."
Affected Products
- microsoft windows_7 - (-)
- microsoft windows_7 - (sp1)
- microsoft windows_7 - (sp1:x32)
- microsoft windows_7 - (sp1:x64)
- microsoft windows_7 - (-:x32)
- microsoft windows_7 - (-:x64)
- microsoft windows_server_2008 r2
- microsoft windows_server_2008 r2 (:itanium)
- microsoft windows_server_2008 r2 (sp1)
- microsoft windows_server_2008 r2 (sp1:itanium)
- microsoft windows_server_2008 r2 (sp1:x64)
- microsoft windows_server_2008 r2 (:x64)
- microsoft windows_server_2008 (sp2)
- microsoft windows_server_2008 - (sp2)
- microsoft windows_server_2008 - (sp2:itanium)
- microsoft windows_server_2008 (sp2:x32)
- microsoft windows_server_2008 (sp2:x64)
- microsoft windows_vista (sp2)
- microsoft windows_vista (sp2:x64)
References
- CVE: CVE-2011-2013