Remote Code Execution in Teredo Clients by Microsoft
CVE-2006-6265

Currently unrated

Key Information:

Vendor
Microsoft
Status
Teredo
Vendor
CVE Published:
4 December 2006

Summary

The vulnerability in Teredo clients allows remote attackers to establish an inbound connection when these clients are located behind restricted NATs. This is accomplished by utilizing the client port number from the Teredo address or employing the bubble-to-open procedure, circumventing traditional NAT restrictions that typically require extensive guessing to find an appropriate port mapping.

References

http://www.symantec.com/avcenter/reference/Teredo_Securit...
x_refsource_MISC
http://www.securityfocus.com/archive/1/452996/100/0/threaded
mailing-listx_refsource_BUGTRAQ
http://www.securityfocus.com/archive/1/452989/100/0/threaded
mailing-listx_refsource_BUGTRAQ

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.
CVE-2006-6265 : Remote Code Execution in Teredo Clients by Microsoft | SecurityVulnerability.io