|
|
>> Microsoft Windows RPC Memory Allocation Denial of Service Vulnerability
|
Title : Microsoft Windows RPC Memory Allocation Denial of Service Vulnerability
VUPEN ID : VUPEN/ADV-2005-2468
CVE ID : CVE-2005-3644
Rated as : Moderate Risk 
Remotely Exploitable : Yes
Locally Exploitable : Yes
Release Date : 2005-11-17
|
A vulnerability has been identified in Microsoft Windows, which could be exploited by remote attackers to cause a denial of service. This flaw is due to a memory allocation error when processing specially crafted UPnP (Universal Plug and Play) "GetDeviceList" requests via RPC (Remote Procedure Call), which could be exploited by attackers to crash a vulnerable system or cause the "services.exe" process to consume a large amount of system resources.
Note : On Windows 2000, a remote attacker can exploit this vulnerability anonymously. On Windows XP Service Pack 1, an attacker must have valid logon credentials to exploit this vulnerability.
Affected Products
Microsoft Windows 2000 Service Pack 4
Microsoft Windows 2000 Service Pack 3
Microsoft Windows 2000 Service Pack 2
Microsoft Windows 2000 Service Pack 1
Microsoft Windows 2000
Microsoft Windows XP Service Pack 1
Solution
Block UDP ports 135, 137, 138, and 445, and TCP ports 135, 139, 445, and 593.
VUPEN Security is not aware of any vendor-supplied patch.
References
http://www.vupen.com/english/advisories/2005/2468
http://www.microsoft.com/technet/security/advisory/911052.mspx
Credits
Vulnerability reported by Winny Thomas
ChangeLog
2005-11-17 : Initial release
Vulnerability Management
Subscribe to VUPEN VNS and receive real-time e-mail and SMS alerts when new advisories or patches relevant to your systems and network configurations are available.
Feedback
If you have additional information or corrections for this security advisory please submit them via our contact form. | |
|
