crackmyhash
Thread Rating:
  • 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
Windows TCP/IP Denial of Service Vulnerability
#1
Proof of concept for CVE-2021-24086, a NULL dereference in tcpip.sys triggered remotely.

CVE-2021-24086
This is a proof of concept for CVE-2021-24086 (“Windows TCP/IP Denial of Service Vulnerability “), a NULL dereference in tcpip.sys patched by Microsoft in February 2021. According to this tweet, the vulnerability has been found by @piazzt. It is triggerable remotely by sending malicious UDP packet over IPv6.

You can read Microsoft’s blog here: Multiple Security Updates Affecting TCP/IP:  CVE-2021-24074, CVE-2021-24094, and CVE-2021-24086. It discusses briefly the impact and workaround/mitigations.

Read More : https://reconshell.com/windows-tcp-ip-de...erability/
------------------
Thanks
https://reconshell.com
[Image: logo-white1.png]

Forum Jump:

Users browsing this thread: 1 Guest(s)