|
Microsoft Windows XP TCP Packet Information Leakage Vulnerability
The following packet capture, which demonstrates this lack of URG flag initialization, has been supplied by Michal Zalewski. <Tue Sep 2 13:02:48 2003> A:3827 - Windows XP (2) (PLEASE REPORT!) [GENERIC] Signature: [16384:119:1:48:M1460,N,N,S:U:Windows:?] -> server:80 (distance 9, link: ethernet/modem) -- EXTRA TCP VALUES: ACK=0x0, UNUSED=0, URG=0x819e <Tue Sep 2 13:02:48 2003> A:3829 - Windows XP (2) (PLEASE REPORT!) [GENERIC] Signature: [16384:119:1:48:M1460,N,N,S:U:Windows:?] -> server:80 (distance 9, link: ethernet/modem) -- EXTRA TCP VALUES: ACK=0x0, UNUSED=0, URG=0xdc19 <Tue Sep 2 13:02:49 2003> A:3830 - Windows XP (2) (PLEASE REPORT!) [GENERIC] Signature: [16384:119:1:48:M1460,N,N,S:U:Windows:?] -> server:80 (distance 9, link: ethernet/modem) -- EXTRA TCP VALUES: ACK=0x0, UNUSED=0, URG=0x8158 <Tue Sep 2 13:02:49 2003> A:3833 - Windows XP (2) (PLEASE REPORT!) [GENERIC] Signature: [16384:119:1:48:M1460,N,N,S:U:Windows:?] -> server:80 (distance 9, link: ethernet/modem) -- EXTRA TCP VALUES: ACK=0x0, UNUSED=0, URG=0x8158 |
|
|
Privacy Statement |
