Check Point Advisories

Built-In Protection against IGMPv3 Denial of Service Vulnerability (MS06-007)

Check Point Reference: CPAI-2006-019
Date Published: 16 Feb 2006
Severity: High
Last Updated: Monday 07 May, 2007
Source: Microsoft Security Bulletin MS06-007
Industry Reference:CVE-2006-0021
Protection Provided by:
Who is Vulnerable? Microsoft Windows XP SP1/SP2
Microsoft Windows XP Professional x64 Edition
Microsoft Windows Server 2003
Microsoft Windows Server 2003 SP1
Microsoft Windows Server 2003 for Itanium-based Systems
Microsoft Windows Server 2003 x64 Edition
Vulnerability Description A denial of service vulnerability exists in the handling of IGMPv3 (Internet Group Management Protocol). IGMP is a routing protocol used by hosts and routers to dynamically register and discover multicast group memberships. By sending a specially crafted IGMP packet, a remote attacker could stop the affected system to stop responding.
Update/Patch AvaliableMicrosoft has released a patch for this vulnerability. For the patch, refer to
Vulnerability DetailsThe vulnerability is due to an error when processing specially crafted IGMP (Internet Group Management Protocol) packets.  Note that the vulnerability would not allow an attacker to execute code or to elevate their user rights, but it could cause the affected system to stop accepting requests.

Protection Overview

This website uses cookies for its functionality and for analytics and marketing purposes. By continuing to use this website, you agree to the use of cookies. For more information, please read our Cookies Notice.