Alert: Microsoft Security Bulletin MS04-008 - Vulnerability in Windows Media Services Could Allow a Denial of Service (832359)

From: Russ (Russ.Cooper_at_RC.ON.CA)
Date: 03/10/04

    Date:         Tue, 9 Mar 2004 19:19:11 -0500
    To: NTBUGTRAQ@LISTSERV.NTBUGTRAQ.COM
    
    

    Microsoft Security Bulletin MS04-008:
    Vulnerability in Windows Media Services Could Allow a Denial of Service
    (832359)

    Bulletin URL:
    http://www.microsoft.com/technet/security/bulletin/MS04-008.mspx

    Summary:
     Version Number: V1.0
     Revision Date: 03-09-2004
     Impact of Vulnerability: Denial of Service
     Maximum Severity Rating: Moderate
     Patch(es) Replaced: None
     Caveats: None
     CVE Number(s): CAN-2003-0905

    Tested Software:
     Affected Software:
     * Microsoft Windows 2000 Server Service Pack 2, Microsoft Windows 2000
    Server Service Pack 3, Microsoft Windows 2000 Server Service Pack 4 -
    <http://www.ntbugtraq.com/link/7F4C067C-5D34-48FB-A9FA-C2200243D4D2.asp>

     Affected Components:
     * Windows Media Services 4.1 (included with Microsoft Windows 2000
    Server)

     Software Not Affected:
     * Microsoft Windows NT(r) Workstation 4.0 Service Pack 6a
     * Microsoft Windows NT Server 4.0 Service Pack 6a
     * Microsoft Windows NT Server 4.0 Terminal Server Edition Service Pack
    6
     * Microsoft Windows 2000 Professional Service Pack 2, Microsoft Windows
    2000 Professional Service Pack 3, Microsoft 2000 Professional Service
    Pack 4
     * Microsoft Windows XP, Microsoft Windows XP Service Pack 1
     * Microsoft Windows XP 64-Bit Edition Service Pack 1
     * Microsoft Windows XP 64-Bit Edition Version 2003
     * Microsoft Windows Server(tm) 2003
     * Microsoft Windows Server 2003 64-Bit Edition

    Technical Description:

    A vulnerability exists because of the way that Windows Media Station
    Service and Windows Media Monitor Service, components of Windows Media
    Services, handle TCP/IP connections. If a remote user were to send a
    specially-crafted sequence of TCP/IP packets to the listening port of
    either of these services, the service could stop responding to requests
    and no additional connections could be made. The service must be
    restarted to regain its functionality.

    Windows Media Services is made up of Windows Media Services
    Administrator and four Windows Media Services components running on a
    single computer:

    By using Windows Media Unicast Service, Windows Media content can be
    streamed over unicast, using either TCP or UDP as a transport, to
    Microsoft Windows Media Player or to another Windows Media server.

    Windows Media Station Service performs three key functions:

     * It arranges one or more streams of content (also known as a "playlist"
    or "program") for subsequent streaming.

     * It multicasts the playlist or program to Windows Media Player or to
    another Windows Media server.

     * It distributes the playlist or program locally to Windows Media Unicast
    Service for subsequent unicasting to Windows Media Player or to another
    Windows Media server.

    Windows Media Program Service is a dependent service of Windows Media
    Station Service. Windows Media Program Service helps the server
    administrator build playlists of Windows Media content using Windows
    Media Services Administrator and persist those playlists for future use.

    Windows Media Monitor Service is the administrative console of Windows
    Media Services.

    Note: Windows Media Unicast Service may also be affected by a
    successful attack against Windows Media Station Service if Windows Media
    Unicast Service is sourcing a playlist from Windows Media Station
    Service. In this case, Windows Media Unicast Service could stop
    functioning when it encounters the next item in the playlist. An
    administrator can stream media by using Windows Media Unicast Service
    without a playlist.

    This email is sent to NTBugtraq automagically as a service to my
    subscribers. (v3)

    Cheers,
    Russ - Surgeon General of TruSecure Corporation/NTBugtraq Editor


