[Full-disclosure] Is Windows TCP/IP source routing PoC code available?
Denis Jedig
seclists at syneticon.de
Sun Jun 25 19:03:24 BST 2006
Greetings to the list,
As known, Microsoft did announce a security vulnerability concerning an
overflow within the TCP/IP stack implementation when source routing
fields are used:
http://www.microsoft.com/technet/security/bulletin/MS06-032.mspx
Is anyone aware of an exploit or POC code for this vulnerability? The
security bulletin states that Windows XP SP2 and Windows Server 2003 SP1
are "secure by default" due to disabled source routing. However, it does
not provide sufficient information regarding other operating systems
affected, so I would like to check out by myself.
Regards,
Denis Jedig
syneticon networks GbR
Full-Disclosure is hosted and sponsored by Secunia.