[Am-info] Win - Microsoft-ds service malformed packet stream DoS
Fred A. Miller
fm@cupserv.org
Fri, 26 Apr 2002 16:11:05 -0400
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Win - Microsoft-ds service malformed packet stream DoS
Windows 2000 is vulnerable to a denial of service attack against the
Microsoft-ds service listing on port 445. A remote attacker can send
a particular malformed stream of data to the service, thereby causing
it to consume all available CPU time and kernel memory and eventually
resulting in a system crash.
Microsoft confirmed this problem and issued a workaround, which is
available at:
http://support.microsoft.com/default.aspx?scid=3Dkb;en-us;Q320751
Source: VulnWatch
http://archives.neohapsis.com/archives/vulnwatch/2002-q2/0025.html
- --=20
Fred A. Miller
Systems Administrator
Cornell Univ. Press Services
fm@cupserv.org, www.cupserv.org
- --- SuSE Linux v8.0 Pro---
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.6 (GNU/Linux)
Comment: For info see http://www.gnupg.org
iEYEARECAAYFAjzJtFkACgkQB9vk4ichYXf5cwCgkKSS9PA/bYWcMWIfcTRTW/L/
zawAn0sJRxJv6zSQIBSnvHTMXcMxrJdu
=3DXYsX
-----END PGP SIGNATURE-----