Reported May 09, 2001, by Defcom Labs.
VERSION AFFECTED
- Microsoft Windows 2000 Server, Windows 2000 Advanced Server, Windows 2000 Datacenter Server
DESCRIPTION
A Denial of Service (DoS) condition exists in the
Windows 2000 Kerberos and Kerberos password services that can let a potential
attacker disrupt logon on requests and Kerberos ticket granting. By repeatedly
connecting to the Kerberos services on TCP ports 88 and 464, and not reading
from the socket, an attacker can cause the Local Security Authority (LSA)
subsystem to leak memory. After the attacker has made approximately 4000 of
these connections, the Kerberos system quits responding completely. To regain
system functionality, an administrator has to reboot the system.
CREDIT
Discovered by Peter
Gründl.
0 comments
Hide comments