Denial of Service in Windows 2000 Internet Key Exchange

Reported December 7, 2001, by c0redump.

VERSIONS AFFECTED

 

  • Microsoft Windows 2000

 

DESCRIPTION
A Denial of Service (DoS) condition exists in the Microsoft Windows 2000 Internet Key Exchange (IKE) service. If an attacker connects to a Windows 2000 system on port 500 and floods the service with UDP packets of 800 bytes or greater, the system will stop responding.
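The traffic pattern described above can be watched for in flow or firewall logs. The following detector is an added example, not part of the original advisory; the log line format, the 10-second window and the 50-packet threshold are assumptions, and the sample records are constructed.

```python
from collections import defaultdict, deque

IKE_PORT = 500       # from the advisory
MIN_SIZE = 800       # from the advisory: UDP packets of 800 bytes or greater
WINDOW_SECONDS = 10  # assumption: sliding window length
THRESHOLD = 50       # assumption: large packets per window that count as a flood

def parse_line(line):
    """Parse 'epoch src dst proto dport length' (hypothetical log format)."""
    parts = line.split()
    if len(parts) != 6:
        return None
    ts, src, dst, proto, dport, length = parts
    try:
        return float(ts), src, dst, proto.lower(), int(dport), int(length)
    except ValueError:
        return None

def detect_ike_flood(lines, window=WINDOW_SECONDS, threshold=THRESHOLD):
    """Return sorted destinations that received >= threshold large UDP/500
    packets inside any sliding window. Input is assumed to be time-ordered."""
    recent = defaultdict(deque)  # dst -> timestamps of qualifying packets
    flagged = set()
    for line in lines:
        rec = parse_line(line)
        if rec is None:
            continue  # skip malformed records instead of aborting
        ts, _src, dst, proto, dport, length = rec
        if proto != "udp" or dport != IKE_PORT or length < MIN_SIZE:
            continue
        # Keyed on destination: UDP source addresses can be forged, so a
        # per-source counter would miss a flood spread over many sources.
        q = recent[dst]
        q.append(ts)
        while ts - q[0] > window:
            q.popleft()
        if len(q) >= threshold:
            flagged.add(dst)
    return sorted(flagged)

def sample_log():
    """Constructed records: a normal exchange, a burst, and slow large packets."""
    sizes = [168, 184, 260, 68]
    lines = [f"{1000 + i} 192.0.2.10 198.51.100.5 udp 500 {s}" for i, s in enumerate(sizes)]
    lines += [f"{1010 + i * 0.01:.2f} 203.0.113.7 198.51.100.5 udp 500 800" for i in range(200)]
    lines += [f"{1100 + i * 5} 192.0.2.20 198.51.100.6 udp 500 1200" for i in range(20)]
    lines.append("malformed line")
    return lines

if __name__ == "__main__":
    for dst in detect_ike_flood(sample_log()):
        print(f"possible IKE flood against {dst}")
```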

 

VENDOR RESPONSE

The vendor, Microsoft, has not released a fix or workaround for this issue. As a temporary workaround, it is recommended that affected users who are not using IPSec in Windows 2000 block port 500 at the firewall.

 

CREDIT
Discovered by c0redump.
