Denial of Service Condition in Microsoft NNTP Service for Windows 2000/NT

Reported August 14, 2001, by Microsoft.

VERSIONS AFFECTED

  • Microsoft Windows 2000 Server

  • Microsoft Windows 2000 Advanced Server

  • Microsoft Windows 2000 Datacenter Server

  • Microsoft Windows NT Server 4.0

  • Microsoft Windows NT Server, Enterprise Edition

 

DESCRIPTION
A memory leak exists in the way the affected Windows versions (listed above) process new postings in the Network News Transfer Protocol (NNTP) service. If an attacker sends a large number of posts of a particular construction, those posts can deplete the server’s available memory and disrupt service. Rebooting the server restores normal service. Only servers that accept new postings are vulnerable to this condition.

 

VENDOR RESPONSE

The vendor, Microsoft, has released security bulletin MS01-043 to address this vulnerability and recommends that users apply whichever of the following patches is relevant to their system:

 

Windows NT 4.0 Server and Enterprise Server

 

Windows 2000 Server and Advanced Server

 

Windows 2000 Datacenter Server patches are hardware-specific and available only through the OEM.

 

CREDIT
Discovered by Aiden ORawe.
