Denial of Service in Microsoft DirectPlay

Reported June 08, 2004, by Microsoft

VERSIONS AFFECTED

  • Windows Server 2003
  • Windows XP
  • Windows 2000
  • Windows 98

DESCRIPTION
A Denial of Service (DOS) vulnerability exists in the implementation of the IDirectPlay4 API of Microsoft DirectPlay. This vulnerability stems from of a lack of robust packet validation.

VENDOR RESPONSE
Microsoft has released bulletin MS04-016, "Vulnerability in DirectPlay Could Allow Denial of Service" (839643), to address this vulnerability and recommends that affected users apply the appropriate patch listed in the bulletin.

CREDIT
Discovered by John Lampe, Tenable Network Security.

Hide comments

Comments

  • Allowed HTML tags: <em> <strong> <blockquote> <br> <p>

Plain text

  • No HTML tags allowed.
  • Web page addresses and e-mail addresses turn into links automatically.
  • Lines and paragraphs break automatically.
Publish