Alert: Microsoft Security Bulletin - MS03-029

• Previous message: Russ: "Alert: Microsoft Security Bulletin - MS03-030"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Date:         Wed, 23 Jul 2003 16:30:11 -0400
To: NTBUGTRAQ@LISTSERV.NTBUGTRAQ.COM

http://www.microsoft.com/technet/security/bulletin/MS03-029.asp

Flaw in Windows Function Could Allow Denial of Service (823803)

Originally posted: July 23, 2003

Summary

Who should read this bulletin: Systems administrators running Microsoft® Windows® NT 4.0 Server

Impact of vulnerability: Denial of service

Maximum Severity Rating: Moderate

Recommendation: Administrators of Windows NT 4.0 servers should consider applying the security patch.

Affected Software:
- Microsoft Windows NT 4.0 Server
- Microsoft Windows NT 4.0 Terminal Server EditionNot Affected Software:
- Microsoft Windows 2000
- Microsoft Windows XP
- Microsoft Windows Server 2003End User Bulletin: An end user version of this bulletin is available at:

http://www.microsoft.com/security/security_bulletins/ms03-029.asp.

Technical description:

A flaw exists in a Windows NT 4.0 Server file management function that can cause a denial of service vulnerability. The flaw results because the affected function can cause memory that it does not own to be freed when a specially crafted request is passed to it. If the application making the request to the function does not carry out any user input validation and allows the specially crafted request to be passed to the function, the function may free memory that it does not own. As a result, the application passing the request could fail.

By default, the affected function is not accessible remotely, however applications installed on the operating system that are available remotely may make use of the affected function. Application servers or Web servers are two such applications that may access the function. Note that Internet Information Server 4.0 (IIS 4.0) does not, by default, make use of the affected function.

Mitigating factors:
- The default installation of Windows NT 4.0 Server is not vulnerable to a remote denial of service. Additional software that makes use of the affected file management function must be installed on the system to expose the vulnerability remotely.
- If the application calling the affected file management function carries out input validation, the specially crafted request may not be passed to the vulnerable function.
- The vulnerability cannot be used to cause Windows NT 4.0 Server itself to fail. Only the application that makes the request may fail.

Vulnerability identifier: CAN-2003-0525

This email is sent to NTBugtraq automatically as a service to my subscribers. (v1.18)

Cheers,
Russ - Surgeon General of TruSecure Corporation/NTBugtraq Editor

oooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooo
Are You "Certifiable"? Summer's Hottest Certification Just Got HOTTER!

With a growth rate exceeding 110%, the TICSA security practitioner
certification is one of the hottest IT credentials available. And now, for
a limited time, you can save 33% off of the TICSA certification exam! To
learn more about the TICSA certification, and to register as a TICSA
candidate online, just go to

http://www.trusecure.com/offer/s0100/

oooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooo

• Previous message: Russ: "Alert: Microsoft Security Bulletin - MS03-030"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]