{ "id": "CVE-2010-4562", "sourceIdentifier": "cve@mitre.org", "published": "2012-02-02T17:55:00.800", "lastModified": "2024-11-21T01:21:12.847", "vulnStatus": "Modified", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Microsoft Windows 2008, 7, Vista, 2003, 2000, and XP, when using IPv6, allows remote attackers to determine whether a host is sniffing the network by sending an ICMPv6 Echo Request to a multicast address and determining whether an Echo Reply is sent, as demonstrated by thcping. NOTE: due to a typo, some sources map CVE-2010-4562 to a ProFTPd mod_sql vulnerability, but that issue is covered by CVE-2010-4652." }, { "lang": "es", "value": "Microsoft Windows 2008, 7, Vista, 2003, 2000 y XP, cuando se utiliza IPv6, permite a atacantes remotos determinar si un host est\u00e1 interceptando el tr\u00e1fico de red mediante el env\u00edo de una solicitud de eco ICMPv6 (ICMPv6 Echo Request) a una direcci\u00f3n multicast y determinando si se env\u00eda una respuesta de eco, como lo demuestra la aplicaci\u00f3n thcping. NOTA: debido a un error tipogr\u00e1fico, algunas fuentes apuntan el CVE-2010-4562 a una vulnerabilidad mod_sql de ProFTPd, pero el problema est\u00e1 explicado en CVE-2010-4652." } ], "metrics": { "cvssMetricV2": [ { "source": "nvd@nist.gov", "type": "Primary", "cvssData": { "version": "2.0", "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "baseScore": 4.3, "accessVector": "NETWORK", "accessComplexity": "MEDIUM", "authentication": "NONE", "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "availabilityImpact": "NONE" }, "baseSeverity": "MEDIUM", "exploitabilityScore": 8.6, "impactScore": 2.9, "acInsufInfo": false, "obtainAllPrivilege": false, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false } ] }, "weaknesses": [ { "source": "nvd@nist.gov", "type": "Primary", "description": [ { "lang": "en", "value": "CWE-200" } ] } ], "configurations": [ { "nodes": [ { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": true, "criteria": "cpe:2.3:o:microsoft:windows_2000:*:*:*:*:*:*:*:*", "matchCriteriaId": "4E545C63-FE9C-4CA1-AF0F-D999D84D2AFD" }, { "vulnerable": true, "criteria": "cpe:2.3:o:microsoft:windows_2003_server:*:*:*:*:*:*:*:*", "matchCriteriaId": "60EC86B8-5C8C-4873-B364-FB1F8EFE1CFF" }, { "vulnerable": true, "criteria": "cpe:2.3:o:microsoft:windows_7:*:*:*:*:*:*:*:*", "matchCriteriaId": "D56B932B-9593-44E2-B610-E4EB2143EB21" }, { "vulnerable": true, "criteria": "cpe:2.3:o:microsoft:windows_server_2008:-:*:*:*:*:*:*:*", "matchCriteriaId": "32623D48-7000-4C7D-823F-7D2A9841D88C" }, { "vulnerable": true, "criteria": "cpe:2.3:o:microsoft:windows_vista:*:*:*:*:*:*:*:*", "matchCriteriaId": "3852BB02-47A1-40B3-8E32-8D8891A53114" }, { "vulnerable": true, "criteria": "cpe:2.3:o:microsoft:windows_xp:*:*:*:*:*:*:*:*", "matchCriteriaId": "E61F1C9B-44AF-4B35-A7B2-948EEF7639BD" } ] } ] } ], "references": [ { "url": "http://seclists.org/dailydave/2011/q2/25", "source": "cve@mitre.org" }, { "url": "http://seclists.org/fulldisclosure/2011/Apr/254", "source": "cve@mitre.org" }, { "url": "http://seclists.org/dailydave/2011/q2/25", "source": "af854a3a-2127-422b-91ae-364da2661108" }, { "url": "http://seclists.org/fulldisclosure/2011/Apr/254", "source": "af854a3a-2127-422b-91ae-364da2661108" } ] }