Microsoft Windows Vista Persistent Established Teredo Address
2007-03-13T21:19:57
ID OSVDB:33667 Type osvdb Reporter OSVDB Modified 2007-03-13T21:19:57
Description
No description provided by the source
References:
Related OSVDB ID: 33666
Other Advisory URL: http://www.symantec.com/avcenter/reference/Vista_Network_Attack_Surface_RTM.pdf
Mail List Post: http://archives.neohapsis.com/archives/bugtraq/2007-03/0167.html
Mail List Post: http://archives.neohapsis.com/archives/bugtraq/2007-04/0053.html
CVE-2007-1535
{"cve": [{"lastseen": "2019-05-29T18:08:59", "bulletinFamily": "NVD", "description": "Microsoft Windows Vista establishes a Teredo address without user action upon connection to the Internet, contrary to documentation that Teredo is inactive without user action, which increases the attack surface and allows remote attackers to communicate via Teredo.", "modified": "2018-10-16T16:38:00", "id": "CVE-2007-1535", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2007-1535", "published": "2007-03-20T20:19:00", "title": "CVE-2007-1535", "type": "cve", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "securityvulns": [{"lastseen": "2018-08-31T11:10:21", "bulletinFamily": "software", "description": "Hello all,\r\n\r\nIn my blog today [1] I give a brief run-down of nine CVE entries that were\r\nrecently published for Vista; the CVEs are numbered CVE-2007-1527 through\r\nCVE-2007-1535. At this point, I do not know who requested the entries be\r\ncreated. However, the entries are based on items reported in Symantec's\r\nrecent Windows Vista Network Attack Surface Analysis report [2], for which I\r\nwas lead author, so I thought that I was in a good position to explain them.\r\n\r\nMost of the CVEs are for items that are not especially significant and in\r\none or two cases can be considered historic (aside from it being applicable\r\nto Vista in particular).\r\n\r\nI do discuss one item in more depth though, since I feel it is important.\r\nThe documentation that is currently on the Microsoft web site makes it seem\r\nlike you need to do something special for Teredo to become active. In\r\nreality, we have seen Teredo used on fresh Vista installs.\r\n\r\nWho is to say the reason Microsoft has the inaccurate information (it could\r\nbe an innocent mistake that has remained unfixed for several months), but\r\nthe effect is to downplay the configurations under which Teredo will be\r\nused. This misleads people as to how much attention they need to pay to\r\nTeredo when they install/deploy Vista. Teredo does pose some significant\r\nsecurity concerns and it probably will not be uncommon to find a Vista host\r\nusing Teredo.\r\n\r\nMore in the blog [1] ...\r\n\r\n-- Jim\r\n\r\n[1] \r\nhttp://www.symantec.com/enterprise/security_response/weblog/2007/04/microsof\r\nts_inaccurate_teredo_d.html ( http://preview.tinyurl.com/yu7vhu )\r\n\r\n[2] \r\nhttp://www.symantec.com/avcenter/reference/Vista_Network_Attack_Surface_RTM.\r\npdf ( http://preview.tinyurl.com/2qrglc )\r\n\r\n\r\n-- \r\nJim Hoagland, Ph.D., CISSP\r\nPrincipal Security Researcher\r\nAdvanced Threats Research\r\nSymantec Security Response\r\n", "modified": "2007-04-04T00:00:00", "published": "2007-04-04T00:00:00", "id": "SECURITYVULNS:DOC:16561", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:16561", "title": "Nine Vista CVEs, including Microsoft inaccurate Teredo use case documentation", "type": "securityvulns", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-08-31T11:09:25", "bulletinFamily": "software", "description": "Multiple DoS conditions and spoof possibilities.", "modified": "2007-04-04T00:00:00", "published": "2007-04-04T00:00:00", "id": "SECURITYVULNS:VULN:7502", "href": "https://vulners.com/securityvulns/SECURITYVULNS:VULN:7502", "title": "Microsoft Vista IPv6 multiple security vulnerability", "type": "securityvulns", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}]}