Alert: Microsoft Security Bulletin MS04-016 - Vulnerability in DirectPlay Could Allow Denial of Service (839643)

• Previous message: Russ Cooper: "MinorRev: Microsoft Security Bulletin MS04-015 - Vulnerability in Help and Support Center Could Allow Remote Code Execution (840374)"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Date:         Tue, 15 Jun 2004 17:53:05 -0400
To: NTBUGTRAQ@LISTSERV.NTBUGTRAQ.COM

Microsoft Security Bulletin MS04-016:
Vulnerability in DirectPlay Could Allow Denial of Service (839643)

Bulletin URL:
<http://www.microsoft.com/technet/security/bulletin/MS04-016.mspx>

Version Number: 1.0
Issued Date: Tuesday, June 08, 2004
Impact of Vulnerability: Denial of Service
Maximum Severity Rating: Moderate
Patch(es) Replaced: None
Caveats: None

Executive Summary:
------------------
This update resolves a newly-discovered, privately reported
vulnerability. A denial of service vulnerability exists in the
implementation of the IDirectPlay4 application programming interface
(API) of Microsoft DirectPlay because of a lack of robust packet
validation. The vulnerability is documented in the Vulnerability Details
section of this bulletin.

If a user is running a networked DirectPlay application, an attacker who
successfully exploited this vulnerability could cause the DirectPlay
application to fail. The user would have to restart the application to
resume functionality.

Tested Software:
Affected Software:
------------------
* Microsoft Windows 2000 Service Pack 2, Microsoft Windows 2000 Service
Pack 3, Microsoft Windows 2000 Service Pack 4
<http://tinyurl.com/3df5n>
* Microsoft Windows XP and Microsoft Windows XP Service Pack 1
<http://tinyurl.com/2r6y7>
* Microsoft Windows XP 64-Bit Edition Service Pack 1
<http://tinyurl.com/ywyg9>
* Microsoft Windows XP 64-Bit Edition Version 2003
<http://tinyurl.com/2dkuq>
* Microsoft Windows Server(tm) 2003
<http://tinyurl.com/yrukd>
* Microsoft Windows Server 2003 64-Bit Edition
<http://tinyurl.com/2dkuq>
* Microsoft Windows 98, Microsoft Windows 98 Second Edition (SE), and
Microsoft Windows Millennium Edition (Me) - Review the FAQ section of
this bulletin for details about these operating systems.

Affected Components:
--------------------
* Microsoft DirectX. 7.0a, 7.1, 8.1, 8.1a, 8.1b, 8.2, 9.0, 9.0a, 9.0b on
Windows 98, Windows 98 Second Edition, Windows Millennium Edition -
Review the FAQ section of this bulletin for details about these
operating systems.
* Microsoft DirectX 8.0, 8.0a, when installed on Windows 2000
<http://tinyurl.com/39qqr>
* Microsoft DirectX 8.1, 8.1a, 8.1b when installed on Windows 2000
<http://tinyurl.com/26b7y>
* Microsoft DirectX 8.2 when installed on Windows 2000, or Windows XP
<http://tinyurl.com/32h32>
* Microsoft DirectX 9.0, 9.0a, 9.0b when installed on Windows 2000,
Windows XP, or Windows Server 2003
<http://tinyurl.com/2kulz>

Technical Description:
----------------------
* DirectPlay Vulnerability - CAN-2004- 0202: A denial of service
vulnerability exists in the IDirectPlay4 Application Programming
Interface (API) of Microsoft DirectPlay. Applications that implement
this API are typically network-based multi-player games. An attacker who
successfully exploited this vulnerability could cause the application to
fail.

This email is sent to NTBugtraq automagically as a service to my
subscribers. (v4.01.1627.30356)

Cheers,
Russ - Senior Scientist - TruSecure Corporation/NTBugtraq Editor

-----
NTBugtraq Editor's Note:

Want to reply to the person who sent this message? This list is configured such that just hitting reply is going to result in the message coming to the list, not to the individual who sent the message. This was done to help reduce the number of Out of Office messages posters received. So if you want to send a reply just to the poster, you''ll have to copy their email address out of the message and place it in your TO: field.
-----

• Previous message: Russ Cooper: "MinorRev: Microsoft Security Bulletin MS04-015 - Vulnerability in Help and Support Center Could Allow Remote Code Execution (840374)"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Relevant Pages SecurityFocus Microsoft Newsletter #102 ... MICROSOFT VULNERABILITY SUMMARY ... Microsoft Windows Media Player File Attachment Script Execution... ... Microsoft TSAC ActiveX Control Buffer Overflow Vulnerability ... Abyss Web Server Malicious HTTP Request Information Disclosure... ... (Focus-Microsoft) SecurityFocus Microsoft Newsletter #336 ... MICROSOFT VULNERABILITY SUMMARY ... Microsoft Windows Unspecified Remote Code Execution Vulnerability ... Microsoft Windows Explorer BMP Image Denial of Service Vulnerability ... An attacker could leverage this issue to have arbitrary code execute with kernel level privileges. ... (Focus-Microsoft) SecurityFocus Microsoft Newsletter #398 ... MICROSOFT VULNERABILITY SUMMARY ... Microsoft Windows WINS Server Local Privilege Escalation Vulnerability ... Microsoft Windows Active Directory LDAP Request Validation Remote Denial Of Service Vulnerability ... (Focus-Microsoft) DHS/FedCIRC Advisory FA-2003-27 Multiple Vulnerabilities in Microsoft Windows and Exchange ... There are multiple vulnerabilities in Microsoft Windows and Microsoft ... execute arbitrary code. ... For detailed information, see the following vulnerability ... (microsoft.public.security.virus) SecurityFocus Microsoft Newsletter #377 ... MICROSOFT VULNERABILITY SUMMARY ... BitTorrent and uTorrent Peers Window Remote Denial Of Service Vulnerability ... Microsoft Windows TCP/IP IGMP MLD Remote Buffer Overflow Vulnerability ... (Focus-Microsoft)