Microsoft Windows TCP/IP时间戳远程代码执行漏洞（MS09-048）

BUGTRAQ ID: 36265 CVECAN ID: CVE-2009-1925 Microsoft Windows是微软发布的非常流行的操作系统。 由于TCP/IP栈没有正确地清除状态信息，导致Windows TCP/IP栈中存在远程代码执行漏洞。这会导致TCP/IP栈引用包含有其他信息的字段为函数指针。匿名攻击者可以通过向在网络上监听服务的计算机发送特制的TCP/IP报文来利用这个漏洞，成功利用这个漏洞的攻击者可以完全控制受影响的系统；攻击者之后可以安装程序、查看、更改或删除数据，或创建拥有完全用户权限的新账号。 Microsoft Windows Vista SP2...

Microsoft Windows TCP/IP Remote Code Execution Vulnerability (967723)

This host is missing a critical security update according to Microsoft Bulletin MS09-048. SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

CVE-2009-1925

CVE-2009-1925 is the TCP/IP Timestamps Code Execution vulnerability in Windows. A remote attacker can execute arbitrary code by sending specially crafted TCP/IP packets to a listening service; the flaw arises from the TCP/IP stack not cleaning up state information, causing a field to be misinterp...

TCP Window Size Enforcement (CVE-2008-4609; CVE-2009-1925; CVE-2009-1926)

TCP/IP is a set of networking protocols that are widely used on the Internet. TCP/IP provides communications across interconnected networks of computers that have diverse hardware architectures and that run various operating systems. Multiple vulnerabilities exist in TCP/IP processing in Microsof...