TITLE:
Microsoft Windows ISATAP Component IP Address Spoofing Vulnerability

SECUNIA ADVISORY ID:
SA39382

VERIFY ADVISORY:
http://secunia.com/advisories/39382/

DESCRIPTION:
A vulnerability has been reported in Microsoft Windows, which can be
exploited by malicious people to conduct spoofing attacks.

The vulnerability is caused by an error in the ISATAP component in
the way the inner packet's IPv6 source address in a tunneled ISATAP
packet is checked. This can be exploited to spoof an IP address,
thereby bypassing edge or host firewalls and gaining knowledge of
certain information in responses.

SOLUTION:
Apply patches.

Windows XP SP2/SP3:
http://www.microsoft.com/downloads/details.aspx?familyid=9DC3E1C2-2E9D-4D86-9FCE-446C409AD613

Windows XP Professional x64 Edition SP2:
http://www.microsoft.com/downloads/details.aspx?familyid=D872BD77-F491-4706-8FF5-081AC0BF3D6F

Windows Server 2003 SP2:
http://www.microsoft.com/downloads/details.aspx?familyid=CD007A6C-04B3-490C-AFF4-D5AF3E69D477

Windows Server 2003 x64 Edition SP2:
http://www.microsoft.com/downloads/details.aspx?familyid=19CFDDFE-E8DA-4564-9730-BABFAE4A3EBB

Windows Server 2003 with SP2 for Itanium-based Systems:
http://www.microsoft.com/downloads/details.aspx?familyid=916F1B09-E79E-4347-9FBC-C0CF07DE397D

Windows Vista (optionally with SP1/SP2):
http://www.microsoft.com/downloads/details.aspx?familyid=196055A6-15D1-4DA8-B33D-501E69BF5176

Windows Vista x64 Edition (optionally with SP1/SP2):
http://www.microsoft.com/downloads/details.aspx?familyid=7C1D1622-1B67-438D-AAE4-1A3954974A36

Windows Server 2008 for 32-bit Systems (optionally with SP2):
http://www.microsoft.com/downloads/details.aspx?familyid=61ECE7BC-E9FA-4EDE-BA7D-9E5A4C64B9BE

Windows Server 2008 for x64-based Systems (optionally with SP2):
http://www.microsoft.com/downloads/details.aspx?familyid=72E7C7EA-55EF-457B-A03A-49AA9DEA2E84

Windows Server 2008 for Itanium-based Systems (optionally with SP2):
http://www.microsoft.com/downloads/details.aspx?familyid=8C48302C-A1D6-41BC-AD24-7CE7332D4842

PROVIDED AND/OR DISCOVERED BY:
The vendor credits Gabi Nakibly, National EW Research & Simulation
Center.

CHANGELOG:
2010-04-14: Added link to "Original Advisory" section.

ORIGINAL ADVISORY:
MS10-029 (KB978338):
http://www.microsoft.com/technet/security/Bulletin/MS10-029.mspx
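
The DESCRIPTION above turns on how the inner IPv6 source address of a tunneled ISATAP packet is checked. The Python below is an added example, not part of the Secunia advisory and not Microsoft's fix: it applies the RFC 5214 convention that an ISATAP address embeds the sender's IPv4 address in its interface identifier, and flags protocol-41 packets whose inner and outer sources disagree. The function names, the trusted_routers parameter and the sample addresses are assumptions constructed for illustration.

```python
import ipaddress
import struct

PROTO_IPV6_IN_IPV4 = 41  # IPv6 encapsulated in IPv4, the encapsulation ISATAP uses
ISATAP_IID_PREFIXES = (b"\x00\x00\x5e\xfe", b"\x02\x00\x5e\xfe")

def build_sample(outer_src, inner_src):
    """Constructed test input: IPv4 header (protocol 41) + bare IPv6 header."""
    inner = struct.pack("!IHBB", 6 << 28, 0, 59, 64)  # version 6, no payload
    inner += ipaddress.IPv6Address(inner_src).packed
    inner += ipaddress.IPv6Address("2001:db8::1").packed
    outer = struct.pack("!BBHHHBBH", 0x45, 0, 20 + len(inner), 0, 0, 64,
                        PROTO_IPV6_IN_IPV4, 0)  # checksum left 0 in this sample
    outer += ipaddress.IPv4Address(outer_src).packed
    outer += ipaddress.IPv4Address("192.0.2.1").packed
    return outer + inner

def check_isatap_source(packet, trusted_routers=()):
    """Return (verdict, detail) for one raw IPv4 packet."""
    if len(packet) < 20 or packet[0] >> 4 != 4:
        return "not-ipv4", None
    if packet[9] != PROTO_IPV6_IN_IPV4:
        return "not-tunneled", None
    ihl = (packet[0] & 0x0F) * 4
    inner = packet[ihl:]
    if ihl < 20 or len(inner) < 40 or inner[0] >> 4 != 6:
        return "malformed", None
    outer_src = ipaddress.IPv4Address(packet[12:16])
    inner_src = ipaddress.IPv6Address(inner[8:24])
    iid = inner_src.packed[8:]  # low 64 bits: the interface identifier
    if iid[:4] in ISATAP_IID_PREFIXES:
        embedded = ipaddress.IPv4Address(iid[4:])
        if embedded == outer_src:
            return "consistent", str(inner_src)
        return "mismatch", f"inner {inner_src} embeds {embedded}, outer is {outer_src}"
    # A non-ISATAP inner source is only expected via a known ISATAP router.
    if str(outer_src) in trusted_routers:
        return "from-router", str(inner_src)
    return "mismatch", f"inner {inner_src} is not ISATAP, outer is {outer_src}"

if __name__ == "__main__":
    for inner in ("fe80::5efe:198.51.100.7", "fe80::5efe:203.0.113.9"):
        print(inner, check_isatap_source(build_sample("198.51.100.7", inner)))
```

A "mismatch" verdict on traffic crossing a perimeter is worth logging with both addresses, since firewall rules keyed on only one of the two sources will see a different sender than the host does.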