Template:Learning English

From PwnWiki

There is a denial of service vulnerability in the Windows IPv6 protocol stack. An unauthorized remote attacker can exploit this vulnerability by sending specially crafted data packets to the target system. Successful exploitation of this vulnerability can lead to a denial of service of the target system.

Windows-logo.png

Affected version

Windows All

Introduction

There is a denial of service vulnerability in the Windows IPv6 protocol stack. When IPv6 fragmentation is reorganized, because the parameter types used by the NetioRetreatNetBuffer function and the NdisGetDataBuffer function do not match, the latter can cause the latter to return a null pointer, which will cause a null pointer problem during subsequent copy operations. The attacker can insert the Fragment header for IPv6 option with another identifier at the end of the last fragment of a very large data packet, and continue to send the remaining fragments of the data packet with this identifier, thereby reorganizing the second group of data packets. The vulnerability is triggered at the time, causing the target system to deny service. see details

Retrieved from "https://pwnwiki.com/index.php?title=Template:Learning_English&oldid=2860"