Oval Definition:oval:org.mitre.oval:def:1744
Revision Date:2011-05-16Version:24
Title:WinXP IP Validation Vulnerability
Description:Microsoft Windows XP SP2 and earlier, 2000 SP3 and SP4, Server 2003, and older operating systems allows remote attackers to cause a denial of service and possibly execute arbitrary code via crafted IP packets with malformed options, aka the "IP Validation Vulnerability."
Family:windowsClass:vulnerability
Status:ACCEPTEDReference(s):CVE-2005-0048
Platform(s):Microsoft Windows XP
Product(s):
Definition Synopsis
  • Windows XP is installed
  • AND 32-bit version of Windows or 64-bit (itanium architecture) version of Windows is installed
  • 32-Bit version of Windows is installed
  • OR a version of Windows for the ia64 architecture is installed
  • AND Win2K/XP/2003 service pack 2 (or earlier) is installed
  • AND A vulnerable version of tcpip.sys is installed.
  • Service Pack 1 is installed and tcpip.sys is less than 5.1.2600.1693
  • Win2K/XP/2003/Vista service pack 1 is installed
  • AND the version of Tcpip.sys is less than 5.1.2600.1693
  • OR Service Pack 2 is installed and tcpip.sys is less than 5.1.2600.2685
  • Win2K/XP/2003/Vista/2008 service pack 2 is installed
  • AND the version of Tcpip.sys is less than 5.1.2600.2685
  • AND NOT the patch KB893066 is installed
    • BACK