CVE-2007-1527 - OpenCVE

The LLTD Mapper in Microsoft Windows Vista does not verify that an IP address in a TLV type 0x07 field in a HELLO packet corresponds to a valid IP address for the local network, which allows remote attackers to trick users into communicating with an external host by sending a HELLO packet with the MW characteristic and a spoofed TLV type 0x07 field, aka the "Spoof and Management URL IP Redirect" attack.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact None

Integrity Impact Partial

Availability Impact None

AV:N/AC:L/Au:N/C:N/I:P/A:N

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Microsoft	Windows Vista

Configuration 1 [-]

cpe:2.3:o:microsoft:windows_vista:*:*:*:*:*:*:*:*

No data.

References

Link	Providers
http://osvdb.org/33663
http://www.securityfocus.com/archive/1/462793/100/0/threaded
http://www.securityfocus.com/archive/1/464617/100/0/threaded
http://www.securityfocus.com/bid/23279
http://www.symantec.com/avcenter/reference/Vista_Network_Attack_Surface_RTM.pdf
http://www.symantec.com/enterprise/security_response/weblog/2007/04/microsofts_inaccurate_teredo_d.html

History

No history.

MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2007-03-20T20:00:00

Updated: 2024-08-07T12:59:08.518Z

Reserved: 2007-03-20T00:00:00

Link: CVE-2007-1527

Vulnrichment

No data.

NVD

Status : Modified

Published: 2007-03-20T20:19:00.000

Modified: 2018-10-16T16:38:54.377

Link: CVE-2007-1527

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2007-03-13T00:00:00", "descriptions": [{"lang": "en", "value": "The LLTD Mapper in Microsoft Windows Vista does not verify that an IP address in a TLV type 0x07 field in a HELLO packet corresponds to a valid IP address for the local network, which allows remote attackers to trick users into communicating with an external host by sending a HELLO packet with the MW characteristic and a spoofed TLV type 0x07 field, aka the \"Spoof and Management URL IP Redirect\" attack."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2018-10-16T14:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"tags": ["x_refsource_MISC"], "url": "http://www.symantec.com/avcenter/reference/Vista_Network_Attack_Surface_RTM.pdf"}, {"name": "20070313 New report on Windows Vista network attack surface", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "http://www.securityfocus.com/archive/1/462793/100/0/threaded"}, {"name": "20070403 Nine Vista CVEs, including Microsoft inaccurate Teredo use case documentation", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "http://www.securityfocus.com/archive/1/464617/100/0/threaded"}, {"name": "33663", "tags": ["vdb-entry", "x_refsource_OSVDB"], "url": "http://osvdb.org/33663"}, {"tags": ["x_refsource_MISC"], "url": "http://www.symantec.com/enterprise/security_response/weblog/2007/04/microsofts_inaccurate_teredo_d.html"}, {"name": "23279", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/23279"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2007-1527", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "The LLTD Mapper in Microsoft Windows Vista does not verify that an IP address in a TLV type 0x07 field in a HELLO packet corresponds to a valid IP address for the local network, which allows remote attackers to trick users into communicating with an external host by sending a HELLO packet with the MW characteristic and a spoofed TLV type 0x07 field, aka the \"Spoof and Management URL IP Redirect\" attack."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "http://www.symantec.com/avcenter/reference/Vista_Network_Attack_Surface_RTM.pdf", "refsource": "MISC", "url": "http://www.symantec.com/avcenter/reference/Vista_Network_Attack_Surface_RTM.pdf"}, {"name": "20070313 New report on Windows Vista network attack surface", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/462793/100/0/threaded"}, {"name": "20070403 Nine Vista CVEs, including Microsoft inaccurate Teredo use case documentation", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/464617/100/0/threaded"}, {"name": "33663", "refsource": "OSVDB", "url": "http://osvdb.org/33663"}, {"name": "http://www.symantec.com/enterprise/security_response/weblog/2007/04/microsofts_inaccurate_teredo_d.html", "refsource": "MISC", "url": "http://www.symantec.com/enterprise/security_response/weblog/2007/04/microsofts_inaccurate_teredo_d.html"}, {"name": "23279", "refsource": "BID", "url": "http://www.securityfocus.com/bid/23279"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-07T12:59:08.518Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_MISC", "x_transferred"], "url": "http://www.symantec.com/avcenter/reference/Vista_Network_Attack_Surface_RTM.pdf"}, {"name": "20070313 New report on Windows Vista network attack surface", "tags": ["mailing-list", "x_refsource_BUGTRAQ", "x_transferred"], "url": "http://www.securityfocus.com/archive/1/462793/100/0/threaded"}, {"name": "20070403 Nine Vista CVEs, including Microsoft inaccurate Teredo use case documentation", "tags": ["mailing-list", "x_refsource_BUGTRAQ", "x_transferred"], "url": "http://www.securityfocus.com/archive/1/464617/100/0/threaded"}, {"name": "33663", "tags": ["vdb-entry", "x_refsource_OSVDB", "x_transferred"], "url": "http://osvdb.org/33663"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "http://www.symantec.com/enterprise/security_response/weblog/2007/04/microsofts_inaccurate_teredo_d.html"}, {"name": "23279", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/23279"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2007-1527", "datePublished": "2007-03-20T20:00:00", "dateReserved": "2007-03-20T00:00:00", "dateUpdated": "2024-08-07T12:59:08.518Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:microsoft:windows_vista:*:*:*:*:*:*:*:*", "matchCriteriaId": "3852BB02-47A1-40B3-8E32-8D8891A53114", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "The LLTD Mapper in Microsoft Windows Vista does not verify that an IP address in a TLV type 0x07 field in a HELLO packet corresponds to a valid IP address for the local network, which allows remote attackers to trick users into communicating with an external host by sending a HELLO packet with the MW characteristic and a spoofed TLV type 0x07 field, aka the \"Spoof and Management URL IP Redirect\" attack."}, {"lang": "es", "value": "El LLTD Mapper en Microsoft Windows Vista no verifica que un direcci\u00f3n IP en un campo 0x07 tipo TLV en un paquete HELLO corresponde a una direcci\u00f3n IP valida para la red local, lo cual permite a atacantes remotos enga\u00f1ar usuarios dentro de la comunicaci\u00f3n con un host externo con el env\u00edo de paquetes HELLO con la caracter\u00edstica MW y un campo TLV tipo 0x07 suplantado, tambi\u00e9n conocido como ataque \"suplantaci\u00f3n y gesti\u00f3n de la redirecci\u00f3n URL IP\"."}], "id": "CVE-2007-1527", "lastModified": "2018-10-16T16:38:54.377", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 5.0, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2007-03-20T20:19:00.000", "references": [{"source": "cve@mitre.org", "url": "http://osvdb.org/33663"}, {"source": "cve@mitre.org", "url": "http://www.securityfocus.com/archive/1/462793/100/0/threaded"}, {"source": "cve@mitre.org", "url": "http://www.securityfocus.com/archive/1/464617/100/0/threaded"}, {"source": "cve@mitre.org", "url": "http://www.securityfocus.com/bid/23279"}, {"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "http://www.symantec.com/avcenter/reference/Vista_Network_Attack_Surface_RTM.pdf"}, {"source": "cve@mitre.org", "url": "http://www.symantec.com/enterprise/security_response/weblog/2007/04/microsofts_inaccurate_teredo_d.html"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-Other"}], "source": "nvd@nist.gov", "type": "Primary"}]}