BugTraq
Nine Vista CVEs, including Microsoft inaccurate Teredo use case documentation Apr 03 2007 09:23PM
Jim Hoagland (jim_hoagland symantec com) (2 replies)
Re: Nine Vista CVEs, including Microsoft inaccurate Teredo use case documentation Apr 05 2007 11:46PM
Jim Hoagland (jim_hoagland symantec com)
FWIW, the unknown third party that requested the CVEs turns out to be MITRE,
the government contractor that provides operational support for CVE. They
independently assigned the CVEs after reading the report.

Microsoft has not updated their documentation yet.

-- Jim

On 4/3/07 2:23 PM, "Jim Hoagland" <jim_hoagland (at) symantec (dot) com [email concealed]> wrote:

> Hello all,
>
> In my blog today [1] I give a brief run-down of nine CVE entries that were
> recently published for Vista; the CVEs are numbered CVE-2007-1527 through
> CVE-2007-1535. At this point, I do not know who requested the entries be
> created. However, the entries are based on items reported in Symantec's
> recent Windows Vista Network Attack Surface Analysis report [2], for which I
> was lead author, so I thought that I was in a good position to explain them.
>
> Most of the CVEs are for items that are not especially significant and in
> one or two cases can be considered historic (aside from it being applicable
> to Vista in particular).
>
> I do discuss one item in more depth though, since I feel it is important.
> The documentation that is currently on the Microsoft web site makes it seem
> like you need to do something special for Teredo to become active. In
> reality, we have seen Teredo used on fresh Vista installs.
>
> Who is to say the reason Microsoft has the inaccurate information (it could
> be an innocent mistake that has remained unfixed for several months), but
> the effect is to downplay the configurations under which Teredo will be
> used. This misleads people as to how much attention they need to pay to
> Teredo when they install/deploy Vista. Teredo does pose some significant
> security concerns and it probably will not be uncommon to find a Vista host
> using Teredo.
>
> More in the blog [1] ...
>
> -- Jim
>
> [1]
> http://www.symantec.com/enterprise/security_response/weblog/2007/04/micr
osof
> ts_inaccurate_teredo_d.html ( http://preview.tinyurl.com/yu7vhu )
>
> [2]
> http://www.symantec.com/avcenter/reference/Vista_Network_Attack_Surface_
RTM.
> pdf ( http://preview.tinyurl.com/2qrglc )
>

[ reply ]


 

Privacy Statement
Copyright 2010, SecurityFocus