TCP.State.Table.Manipulation.DoS
Description
This indicates an attack attempt against a denial-of-service vulnerability in Microsoft Windows TCP/IP stack.
The vulnerability is caused by an error when the vulnerable product handles an excessive number of established TCP connections with a specially crafted ACK. It allows a remote attacker to cause a denial of service.
Affected Products
Microsoft Windows 2000 Service Pack 4
Windows XP Service Pack 2
Windows XP Service Pack 3
Windows Server 2003 Service Pack 2
Windows Vista
Windows Vista Service Pack 1
Windows Vista Service Pack 2
Windows Server 2008
Windows Server 2008 Service Pack 2
Impact
Denial of service
Recommended Actions
Apply the patch supplied by the vendor:
http://www.microsoft.com/technet/security/Bulletin/MS09-048.mspx
Telemetry
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |