Microsoft Windows Vista Teredo接口防火墙绕过漏洞

2007-07-12T00:00:00
ID SSV:1996
Type seebug
Reporter Root
Modified 2007-07-12T00:00:00

Description

Vista Windows Firewall是一款微软提供的Vista系统下的防火墙解决方案。

Vista Windows Firewall存在设计问题,远程攻击者可以利用漏洞发送恶意网络数据报文绕过防火墙规则获得敏感信息。

Teredo接口是面向IPv6的IPv4 NAT网络地址转换穿越,是一项IPv6 / IPv4过渡技术。默认设计中,Windows防火墙阻止所有对Teredo接口的访问,除了通过在防火墙规则中设置"Edge Traversal"标记,但是由于逻辑错误,它没有应用这个限制,相反,在本地网络上的任意端口可从Internet上的任意主机通过Teredo接口访问,即使防火墙设置了"remote address=local subnet"规则。

Microsoft Windows Vista x64 Edition 0 Microsoft Windows Vista Ultimate Microsoft Windows Vista Home Premium Microsoft Windows Vista Home Basic Microsoft Windows Vista Enterprise Microsoft Windows Vista Business Microsoft Windows Vista beta 2 Microsoft Windows Vista Beta 1 Microsoft Windows Vista Beta Microsoft Windows Vista 0

补丁下载:

Microsoft Windows Vista Ultimate

* Microsoft Security Update for Windows Vista (KB935807)
  <a href="http://www.microsoft.com/downloads/details.aspx?FamilyId=e9b64746-6afa" target="_blank">http://www.microsoft.com/downloads/details.aspx?FamilyId=e9b64746-6afa</a> -4a30-833d-e058e000c821&displaylang=en

Microsoft Windows Vista Beta 1

* Microsoft Security Update for Windows Vista (KB935807)
  <a href="http://www.microsoft.com/downloads/details.aspx?FamilyId=e9b64746-6afa" target="_blank">http://www.microsoft.com/downloads/details.aspx?FamilyId=e9b64746-6afa</a> -4a30-833d-e058e000c821&displaylang=en

Microsoft Windows Vista x64 Edition 0

* Microsoft Security Update for Windows Vista for x64-based Systems (KB935807)
  <a href="http://www.microsoft.com/downloads/details.aspx?FamilyId=0df5d190-3ad7" target="_blank">http://www.microsoft.com/downloads/details.aspx?FamilyId=0df5d190-3ad7</a> -42d5-8629-43c47ec450cb&displaylang=en

Microsoft Windows Vista 0

* Microsoft Security Update for Windows Vista (KB935807)
  <a href="http://www.microsoft.com/downloads/details.aspx?FamilyId=e9b64746-6afa" target="_blank">http://www.microsoft.com/downloads/details.aspx?FamilyId=e9b64746-6afa</a> -4a30-833d-e058e000c821&displaylang=en

Microsoft Windows Vista Business

* Microsoft Security Update for Windows Vista (KB935807)
  <a href="http://www.microsoft.com/downloads/details.aspx?FamilyId=e9b64746-6afa" target="_blank">http://www.microsoft.com/downloads/details.aspx?FamilyId=e9b64746-6afa</a> -4a30-833d-e058e000c821&displaylang=en

Microsoft Windows Vista Beta

* Microsoft Security Update for Windows Vista (KB935807)
  <a href="http://www.microsoft.com/downloads/details.aspx?FamilyId=e9b64746-6afa" target="_blank">http://www.microsoft.com/downloads/details.aspx?FamilyId=e9b64746-6afa</a> -4a30-833d-e058e000c821&displaylang=en

Microsoft Windows Vista Home Basic

* Microsoft Security Update for Windows Vista (KB935807)
  <a href="http://www.microsoft.com/downloads/details.aspx?FamilyId=e9b64746-6afa" target="_blank">http://www.microsoft.com/downloads/details.aspx?FamilyId=e9b64746-6afa</a> -4a30-833d-e058e000c821&displaylang=en

Microsoft Windows Vista beta 2

* Microsoft Security Update for Windows Vista (KB935807)
  <a href="http://www.microsoft.com/downloads/details.aspx?FamilyId=e9b64746-6afa" target="_blank">http://www.microsoft.com/downloads/details.aspx?FamilyId=e9b64746-6afa</a> -4a30-833d-e058e000c821&displaylang=en

Microsoft Windows Vista Home Premium

* Microsoft Security Update for Windows Vista (KB935807)
  <a href="http://www.microsoft.com/downloads/details.aspx?FamilyId=e9b64746-6afa" target="_blank">http://www.microsoft.com/downloads/details.aspx?FamilyId=e9b64746-6afa</a> -4a30-833d-e058e000c821&displaylang=en

Microsoft Windows Vista Enterprise

* Microsoft Security Update for Windows Vista (KB935807)
  <a href="http://www.microsoft.com/downloads/details.aspx?FamilyId=e9b64746-6afa" target="_blank">http://www.microsoft.com/downloads/details.aspx?FamilyId=e9b64746-6afa</a> -4a30-833d-e058e000c821&displaylang=en