Oval Definition:oval:org.mitre.oval:def:8449
Revision Date:2010-03-22Version:20
Title:TCP/IP Selective Acknowledgement Vulnerability
Description:The TCP/IP implementation in Microsoft Windows Vista Gold, SP1, and SP2 and Server 2008 Gold and SP2 allows remote attackers to cause a denial of service (system hang) via crafted packets with malformed TCP selective acknowledgement (SACK) values, aka "TCP/IP Selective Acknowledgement Vulnerability."
Family:windowsClass:vulnerability
Status:ACCEPTEDReference(s):CVE-2010-0242
Platform(s):Microsoft Windows Server 2008
Microsoft Windows Vista
Product(s):
Definition Synopsis
  • Vulnerable Microsoft Windows Vista x86/x64 - GDR
  • Microsoft Windows Vista (32-bit) is installed
  • OR Microsoft Windows Vista x64 Edition is installed
  • AND The version of Tcpip.sys is less than 6.0.6000.16973
  • AND the version of Tcpip.sys is greater than or equal 6.0.6000.16000
  • OR Vulnerable Microsoft Windows Vista x86/x64 - LDR
  • Microsoft Windows Vista (32-bit) is installed
  • OR Microsoft Windows Vista x64 Edition is installed
  • AND The version of Tcpip.sys is less than 6.0.6000.21175
  • AND the version of Tcpip.sys is greater than or equal 6.0.6000.20000
  • OR Vulnerable Microsoft Windows Vista SP1 x86/x64, Server 2008 32bit/x64/ia64 - GDR
  • Microsoft Windows Vista (32-bit) Service Pack 1 is installed
  • OR Microsoft Windows Vista x64 Edition Service Pack 1 is installed
  • OR Microsoft Windows Server 2008 (32-bit) is installed
  • OR Microsoft Windows Server 2008 (64-bit) is installed
  • OR Microsoft Windows Server 2008 (ia-64) is installed
  • AND The version of Tcpip.sys is less than 6.0.6001.18377
  • AND the version of Tcpip.sys is greater than or equal 6.0.6001.18000
  • OR Vulnerable Microsoft Windows Vista SP1 x86/x64, Server 2008 32bit/x64/ia64 - LDR
  • Microsoft Windows Vista (32-bit) Service Pack 1 is installed
  • OR Microsoft Windows Vista x64 Edition Service Pack 1 is installed
  • OR Microsoft Windows Server 2008 (32-bit) is installed
  • OR Microsoft Windows Server 2008 (64-bit) is installed
  • OR Microsoft Windows Server 2008 (ia-64) is installed
  • AND The version of Tcpip.sys is less than 6.0.6001.22577
  • AND the version of Tcpip.sys is greater than or equal 6.0.6001.22000
  • OR Vulnerable Microsoft Windows Vista SP2 x86/x64, Server 2008 SP2 32bit/x64/ia64 - GDR
  • Microsoft Windows Vista (32-bit) Service Pack 2 is installed
  • OR Microsoft Windows Vista x64 Edition Service Pack 2 is installed
  • OR Microsoft Windows Server 2008 (32-bit) Service Pack 2 is installed
  • OR Microsoft Windows Server 2008 x64 Edition Service Pack 2 is installed
  • OR Microsoft Windows Server 2008 Itanium-Based Edition Service Pack 2 is installed
  • AND The version of Tcpip.sys is less than 6.0.6002.18160
  • AND the version of Tcpip.sys is greater than or equal 6.0.6002.18000
  • OR Vulnerable Microsoft Windows Vista SP2 x86/x64, Server 2008 SP2 32bit/x64/ia64 - LDR
  • Microsoft Windows Vista (32-bit) Service Pack 2 is installed
  • OR Microsoft Windows Vista x64 Edition Service Pack 2 is installed
  • OR Microsoft Windows Server 2008 (32-bit) Service Pack 2 is installed
  • OR Microsoft Windows Server 2008 x64 Edition Service Pack 2 is installed
  • OR Microsoft Windows Server 2008 Itanium-Based Edition Service Pack 2 is installed
  • AND The version of Tcpip.sys is less than 6.0.6002.22283
  • AND the version of Tcpip.sys is greater than or equal 6.0.6002.22000
    • BACK