6414 : Win2K & XP IPSEC Filtering bypass
Printer | http://osvdb.org/6414 | Email This | Edit Vulnerability

Views This Week

Views All Time

Info

Last Modified

8 months ago

Percent Complete

100%

Disclosure

May 25, 2004

Discovery

Unknown

Dates

Exploit

May 19, 2004

Solution

Unknown

Description

Microsft Windows contains a flaw that may allow a remote attacker to bypass the IPSEC filter by using port 88. The issue is due to the IPSEC filter having a default exemption to the Kerberos port(88). It is possible that the flaw may allow a remote attacker to gain unauthorized network access resulting in a loss of integrity.

Classification

Location: Remote/Network Access Required
Attack Type: Misconfiguration
Impact: Loss of Integrity
Exploit: Exploit Available
Disclosure: OSVDB Verified

Technical

Subsequent reports indicate arbitrary Windows installations may or may not have this key set, regardless of service pack level.

The full registry path:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\IPSEC\NoDefaultExempt

Recommended setting: 1 (DWORD)

Solution

Currently, there are no known upgrades or patches to correct this issue. It is possible to correct the flaw by implementing the following workaround(s): Set registry key NoDefaultExempt=1 on all Windows 2000-based and Windows XP-based computers

Products

Microsoft Corporation	Windows	2000
		XP

References

Microsoft Knowledge Base Article: 253169 810207 811832
Mail List Post: http://archives.neohapsis.com/archives/sf/pentest/2004-05/0092.html

Credit

JJ Gray -

Blogs

Provided by Technorati

None found at this time

Comments

Add Comment Hide Add Comment

No Comments.

DONATE NOW!

User Status

Account
- Login
- Sign-Up

Quick Searches

Views This Week

Views All Time

Info

Last Modified

Percent Complete

Disclosure

Discovery

Dates

Exploit

Solution

Description

Classification

Technical

Solution

Products

Microsoft Corporation

Windows

References

Credit

Blogs

Comments