CVE-2007-1535 Information

Description

Microsoft Windows Vista establishes a Teredo address without user action upon connection to the Internet contrary to documentation that Teredo is inactive without user action which increases the attack surface and allows remote attackers to communicate via Teredo.

Reference

http://osvdb.org/33667 http://www.securityfocus.com/archive/1/462793/100/0/threaded http://www.securityfocus.com/archive/1/464617/100/0/threaded http://www.securityfocus.com/bid/23267 http://www.symantec.com/avcenter/reference/Vista_Network_Attack_Surface_RTM.pdf http://www.symantec.com/enterprise/security_response/weblog/2007/04/microsofts_inaccurate_teredo_d.html