JVN#06924191: Microsoft Windows XP vulnerable to denial-of-service (DoS)

Overview

Microsoft Windows XP contains a denial-of-service (DoS) vulnerability.

Products Affected

Microsoft Windows XP

Description

Microsoft Windows XP contains an issue when processing TCP packets, which may result in a denial-of-service (DoS).

Impact

An attacker that can view the TCP communication of its target may cause a denial-of-service (DoS).

Solution

Apply a workaround
The following workaround may mitigate the affects of this vulnerability.

Use a firewall to limit access to affected ports

According to the developer, the above workaround is the only solution for this vulnerability.
For more information, please refer to "Vendor Status".

Vendor Status

Vendor	Status	Last Update	Vendor Notes
Microsoft Japan Co.,Ltd.	vulnerable	2011/08/19

References

JPCERT/CC Addendum

This JVN publication was delayed to 2011/08/19 after the developer fix was developed. From the fiscal year 2011, JPCERT/CC is using a new vendor coordination procedure. This new procedure came from the recommendation of the fiscal year 2010 "Study Group on Information System Vulnerability Handling" aimed at more timely JVN publications.

Vulnerability Analysis by JPCERT/CC

Credit

HIRT (Hitachi Incident Response Team) reported this vulnerability to IPA.
JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.

Other Information

JPCERT Alert
JPCERT Reports
CERT Advisory
CPNI Advisory
TRnotes
CVE
JVN iPedia	JVNDB-2011-000064

JVN#06924191 Microsoft Windows XP vulnerable to denial-of-service (DoS)