Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
The LLTD Mapper in Microsoft Windows Vista does not verify that an IP address in a TLV type 0x07 field in a HELLO packet corresponds to a valid IP address for the local network, which allows remote attackers to trick users into communicating with an external host by sending a HELLO packet with the MW characteristic and a spoofed TLV type 0x07 field, aka the "Spoof and Management URL IP Redirect" attack.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Microsoft Windows Vista LLTD Mapper 欺骗和管理URL IP重定向攻击漏洞
Vulnerability Description
Microsoft Windows Vista中的LLTD Mapper没有校验HELLO信息包中的TLV type 0x07字段里的IP地址是否与本地网络的有效的IP地址相对应,这使得远程攻击者可以通过发送一个带有MW字符的HELLO信息包和一个伪造的TLV type 0x07字段,欺骗用户连接内部主机。又称"欺骗和管理URL IP重定向"攻击。
CVSS Information
N/A
Vulnerability Type
N/A