BUGTRAQ ID: 27634
CVE(CAN) ID: CVE-2008-0084
Windows Vista是微软发布的最新版本的操作系统。
Windows Vista的TCP/IP栈处理从DHCP服务器接收到报文的方式存在拒绝服务漏洞,攻击者可以创建特制的DHCP服务器,该服务器会向主机返回特制报文,破坏TCP/IP结构,导致受影响系统停止响应并自动重启。
Microsoft Windows Vista
临时解决方法:
为客户端机器分配静态的IP地址而不是自动请求IP地址:
厂商补丁:
Microsoft已经为此发布了一个安全公告(MS08-004)以及相应补丁:
MS08-004:Vulnerability in Windows TCP/IP Could Allow Denial of Service (946456)
链接:<a href=“http://www.microsoft.com/technet/security/Bulletin/MS08-004.mspx?pf=true” target=“_blank”>http://www.microsoft.com/technet/security/Bulletin/MS08-004.mspx?pf=true</a>
补丁下载:
<a href=“http://www.microsoft.com/downloads/details.aspx?familyid=8ce9608b-7049-47cd-adc4-22a803877d33” target=“_blank”>http://www.microsoft.com/downloads/details.aspx?familyid=8ce9608b-7049-47cd-adc4-22a803877d33</a>
<a href=“http://www.microsoft.com/downloads/details.aspx?familyid=d7b9c3d1-9c23-4e05-bac6-d0b327feaf53” target=“_blank”>http://www.microsoft.com/downloads/details.aspx?familyid=d7b9c3d1-9c23-4e05-bac6-d0b327feaf53</a>