Check Point Advisories

Preemptive Protection against Microsoft Windows IPv6 Denial of Service Vulnerability (MS06-064)

Check Point Reference: CPAI-2006-149
Date Published: 14 Dec 2006
Severity: Low
Last Updated: Thursday 03 May, 2007
Source: Microsoft Security Bulletin MS06-064
Industry Reference:


Protection Provided by:
Who is Vulnerable? Microsoft Windows XP
Microsoft Windows XP SP1
Microsoft Windows XP SP2
Microsoft Windows Server 2003
Microsoft Windows Server 2003 SP1
Vulnerability Description A denial of service vulnerability has been detected in Microsoft Windows IPv6 TCP/IP stack. Internet Protocol version 6 (IPv6) is a new version of IP that follows IPv4 as the second version of the Internet Protocol. The primary purpose of IPv6 is to solve the problem of the shortage of IP addresses. An attacker may exploit the vulnerability to crash an affected system.
Update/Patch AvaliableApply patches:
Microsoft Security Bulletin MS06-064
Vulnerability DetailsThe vulnerability is due to an error in the IPv6 TCP/IP stack when processing a malformed TCP packet. A remote attacker can exploit this flaw by specially crafting a packet with the 'SYN' flag set, and the source address and port are the same as the destination source and port, AKA a 'LAND' attack. Successful exploitation may result in crashing the target system.

Protection Overview

This website uses cookies for its functionality and for analytics and marketing purposes. By continuing to use this website, you agree to the use of cookies. For more information, please read our Cookies Notice.