Published: 2005-05-02 00:00:00
Revised: 2008-09-05 16:47:30

[Original] Microsoft Windows XP SP1 allows local users to cause a denial of service (system crash) via an empty datagram to a raw IP over IP socket (IP protocol 4), as originally demonstrated using code in Python 2.3.

[CNNVD] Microsoft Windows raw IP over IP socket local denial-of-service vulnerability (CNNVD-200505-370)

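        Microsoft Windows is a very popular operating system released by Microsoft.
        A denial-of-service vulnerability exists in Windows XP Service Pack 1. The vulnerability is triggered if an attacker creates a raw IP over IP socket and sends data through the newly created socket.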

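- CVSS (base score)

CVSS score: 2.1 [LOW]
Confidentiality impact: NONE [no impact on the confidentiality of the system]
Integrity impact: NONE [no impact on the integrity of the system]
Availability impact: PARTIAL [may cause reduced performance or interrupted access to resources]
Attack complexity: LOW [exploitation has no access restrictions]
Attack vector: LOCAL [exploitation requires physical access or a local account]
Authentication: NONE [exploitation requires no authentication]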

- CPE (affected platforms and products)


- OVAL (technical details for detection)


- Official database links
(Official data source) MITRE
(Official data source) NVD
(Official data source) CNNVD

- Other links and resources
(UNKNOWN)  BID  12870
(UNKNOWN)  BUGTRAQ  20050322 Possible windows+python bug

- Vulnerability information

Microsoft Windows raw IP over IP socket local denial-of-service vulnerability
Low severity Other
2005-05-02 00:00:00 2005-10-20 00:00:00

- Advisories and patches


- Vulnerability information

Microsoft Windows XP SP1 Raw IP Empty Datagram DoS
Local Access Required Denial of Service
Loss of Availability
Exploit Public

- Vulnerability description

Microsoft Windows XP contains a flaw that may allow a local denial of service. The issue is triggered, for certain protocols, when a raw IP empty datagram is sent and will result in loss of availability for the local system.

- Timeline

2005-03-23 Unknown
2005-03-22 Unknown

- Solution

Upgrade to Service Pack 2 or higher, as it has been reported to fix this vulnerability. It is also possible to correct the flaw by implementing the following workaround: enable Windows Firewall.

- Related references

- Vulnerability author

- Vulnerability information

Microsoft Windows Local Denial Of Service Vulnerability
Failure to Handle Exceptional Conditions 12870
No Yes
2005-03-22 12:00:00 2009-07-12 10:56:00
Discovery of this issue is credited to <>.

- Affected software versions

Microsoft Windows XP Tablet PC Edition SP1
Microsoft Windows XP Professional SP1
Microsoft Windows XP Media Center Edition SP1
Microsoft Windows XP Home SP1

- Vulnerability discussion

It is reported that Microsoft Windows XP Service Pack 1 is prone to a local denial of service vulnerability.

The issue is reported to manifest when a raw IP over IP socket is created and data is transferred over the newly created socket.

It is reported that this operation causes the kernel of the Windows computer to crash, resulting in the computer rebooting. If this issue can be triggered reliably, a local attacker may exploit the issue to deny service for legitimate users.

Further investigation into this issue is ongoing; this BID will be updated as soon as more details are available.

- Exploit

The following exploit is available:

import socket

Press ENTER and your win box should crash immediately.

- Solution

Currently we are not aware of any vendor-supplied patches for this issue. If you feel we are in error or are aware of more recent information, please mail us at: <>.

- Related references