Reported August 14, 2001, by Microsoft.
VERSIONS AFFECTED
-
Microsoft Windows 2000 Server
-
Microsoft Windows 2000 Advanced Server
-
Microsoft Windows 2000 Datacenter Server
-
Microsoft Windows NT Server 4.0
-
Microsoft Windows NT Server, Enterprise Edition
DESCRIPTION
A
memory leak condition exists in the way certain Windows OSs (see above) process
new postings when using the Network News Transfer Protocol (NNTP) service. If an
attacker sends a large number of posts of a particular construction, those posts
can deplete the server’s available memory and disrupt service. A user can
reboot the server to resume normal service. Only servers that accept new
postings are vulnerable to this condition.
VENDOR RESPONSE
The vendor, Microsoft, has released security bulletin MS01-043 to address this vulnerability and recommends that users apply whichever of the following patches is relevant to their system:
Windows NT 4.0 Server and Enterprise Server
Windows 2000 Server and Advanced Server
Windows 2000 Datacenter Server patches are hardware-specific and available only through the OEM.
CREDIT
Discovered by Aiden
ORawe.