First published: Tue Feb 14 2006(Updated: )
Microsoft Windows XP SP1 and SP2, and Server 2003 up to SP1, allows remote attackers to cause a denial of service (hang) via an IGMP packet with an invalid IP option, aka the "IGMP v3 DoS Vulnerability."
Credit: secure@microsoft.com
Affected Software | Affected Version | How to fix |
---|---|---|
Microsoft Windows XP | =sp1 | |
Microsoft Windows Server 2003 | =web | |
Microsoft Windows Server 2003 | =enterprise | |
Microsoft Windows XP | ||
Microsoft Windows Server 2003 | =enterprise_64-bit | |
Microsoft Windows XP | =gold | |
Microsoft Windows XP | ||
Microsoft Windows Server 2003 | =standard_64-bit | |
Microsoft Windows Server 2003 | =datacenter_64-bit-sp1 | |
Microsoft Windows XP | =sp2 | |
Microsoft Windows XP | =sp1 | |
Microsoft Windows XP | ||
Microsoft Windows XP | =sp1 | |
Microsoft Windows Server 2003 | =r2-sp1 | |
Microsoft Windows Server 2003 | =r2 | |
Microsoft Windows Server 2003 | =web-sp1 | |
Microsoft Windows XP | =sp2 | |
Microsoft Windows XP | ||
Microsoft Windows Server 2003 | =standard-sp1 | |
Microsoft Windows Server 2003 | =enterprise-sp1 | |
Microsoft Windows XP | =sp1 | |
Microsoft Windows Server 2003 | =standard | |
Microsoft Windows XP | =sp2 | |
Microsoft Windows Server 2003 | =r2 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2006-0021 is classified as a denial of service vulnerability, potentially allowing remote attackers to hang the affected systems.
To mitigate CVE-2006-0021, it is recommended to apply the latest security updates from Microsoft that address this issue.
CVE-2006-0021 affects Microsoft Windows XP SP1, SP2, and Windows Server 2003 up to SP1.
CVE-2006-0021 involves an attack using an IGMP packet that contains an invalid IP option.
Yes, CVE-2006-0021 can be exploited remotely by attackers to cause denial of service on the affected systems.