header-logo
Suggest Exploit
vendor:
Windows XP
by:
SecurityFocus
4.3
CVSS
MEDIUM
Information Disclosure
200
CWE
Product Name: Windows XP
Affected Version From: Windows XP
Affected Version To: Windows XP
Patch Exists: Yes
Related CWE: N/A
CPE: o:microsoft:windows_xp
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: Windows
2003

Windows XP URG Flags Vulnerability

A vulnerability has been discovered in Microsoft Windows XP that could result in the contents of memory being disclosed within some TCP packets. The problem specifically occurs within some SYN packets transmitted by Windows XP, which may not have correctly zeroed out URG flags. These flags may in fact contain data leaked from previously used memory. By continuously observing these abnormal SYN packets, it may be possible for an attacker to obtain sensitive information.

Mitigation:

Microsoft has released a patch to address this issue. Users are advised to apply the appropriate patch.
Source

Exploit-DB raw data:

source: https://www.securityfocus.com/bid/8531/info

A vulnerability has been discovered in Microsoft Windows XP that could result in the contents of memory being disclosed within some TCP packets. The problem specifically occurs within some SYN packets transmitted by Windows XP, which may not have correctly zeroed out URG flags. These flags may in fact contain data leaked from previously used memory. By continuously observing these abnormal SYN packets, it may be possible for an attacker to obtain sensitive information. 

<Tue Sep 2 13:02:48 2003> A:3827 - Windows XP (2) (PLEASE REPORT!) [GENERIC]
Signature: [16384:119:1:48:M1460,N,N,S:U:Windows:?]
-> server:80 (distance 9, link: ethernet/modem)
-- EXTRA TCP VALUES: ACK=0x0, UNUSED=0, URG=0x819e

<Tue Sep 2 13:02:48 2003> A:3829 - Windows XP (2) (PLEASE REPORT!) [GENERIC]
Signature: [16384:119:1:48:M1460,N,N,S:U:Windows:?]
-> server:80 (distance 9, link: ethernet/modem)
-- EXTRA TCP VALUES: ACK=0x0, UNUSED=0, URG=0xdc19

<Tue Sep 2 13:02:49 2003> A:3830 - Windows XP (2) (PLEASE REPORT!) [GENERIC]
Signature: [16384:119:1:48:M1460,N,N,S:U:Windows:?]
-> server:80 (distance 9, link: ethernet/modem)
-- EXTRA TCP VALUES: ACK=0x0, UNUSED=0, URG=0x8158

<Tue Sep 2 13:02:49 2003> A:3833 - Windows XP (2) (PLEASE REPORT!) [GENERIC]
Signature: [16384:119:1:48:M1460,N,N,S:U:Windows:?]
-> server:80 (distance 9, link: ethernet/modem)
-- EXTRA TCP VALUES: ACK=0x0, UNUSED=0, URG=0x8158

Navigation

Suggest Exploit

Services By CQR