Microsoft Windows CE TCP/IP Requests Denial of Service Vulnerability
TITLE: Microsoft Windows CE TCP/IP Requests Denial of Service Vulnerability
CLASS: Unknown
CVE:
REMOTE: Yes
LOCAL: No
PUBLISHED: May 27 2005 12:00AM
UPDATE: May 27 2005 12:00AM
CREDIT: The vendor disclosed this issue.Ollie Whitehouse is credited with reporting this issue as a security vulnerability.
VULNERABLE:
Microsoft Windows CE 4.2NOT VULNERABLE:
Vai alla pagina originale su Security Focus
Discussion
Windows CE is prone to a denial-of-service vulnerability.
An attacker can exploit this issue to deny TCP/IP service to an affected device.
Very few details are known regarding this issue. This BID will be updated as further information becomes available.
Windows CE 4.2 is vulnerable; other versions may also be affected.
Exploit
Currently we are not aware of any exploits for this issue. If you feel we are in error or if you are aware of more recent information, please mail us at: vuldb@securityfocus.com
Solution
Solution:
The vendor recognizes this issue as a bug and has released a fix. Please see the references for more information.
References
References:
- KB837392 - How to locate core operating system fixes for Microsoft Windows CE Pl (Microsoft)
- Microsoft Windows CE Homepage (Microsoft)
- The Elephant Under the Carpet (and when I say "carpet" I mean PDA) (Ollie Whitehouse)
- FIX: A Windows CE .NET 4.2-based device may stop responding to incoming TCP/IP r (Microsoft)