Forums before death by AOL, social media and spammers... "We can't have nice things"
| comp.protocols.tcp-ip | TCP and IP network protocols. | 14,669 messages |
[ << oldest | < older | list | newer > | newest >> ]
| Message 14,515 of 14,669 |
| skybuck2000 to All |
| (RCE) Remote Code Execution bug/exploit |
| 11 Feb 21 07:34:28 |
From: skybuck2000@hotmail.com IPv4 Source Routing requests bug in all versions of windows: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-24074 IPv6 re-assembly bug in all versions of windows that have IPv6: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-24094 Work around, run these two commands in ms-dos prompt with admin rights, (this will make system more secure): netsh int ipv4 set global sourceroutingbehavior=drop Netsh int ipv6 set global reassemblylimit=0 To re-enable later or never, (this will make system insecure): netsh int ipv4 set global sourceroutingbehavior=dontforward Netsh int ipv6 set global reassemblylimit=267748640 Skybuck's take on this: To me it seems these are some kind of ipv4 and ipv6 fragment/re-assembly bugs in combination with these features/source request. In default state windows systems might be protected, though this is unsure to me at this moment. Therefore it seems very wise to run these two commands to protect older systems. This also include the still popular and valuable windows 7 operating system ! Bye for now, Skybuck. --- SoupGate-Win32 v1.05 * Origin: you cannot sedate... all the things you hate (1:229/2) |
(c) 1994, bbs@darkrealms.ca