[NT] Vulnerability in DirectPlay Could Allow DoS (MS04-016)

From: SecuriTeam (support_at_securiteam.com)
Date: 06/09/04

  • Next message: SecuriTeam: "[UNIX] cPanel mod_php suexec Taint Vulnerability"
    To: list@securiteam.com
    Date: 9 Jun 2004 19:35:56 +0200
    
    

    The following security advisory is sent to the securiteam mailing list, and can be found at the SecuriTeam web site: http://www.securiteam.com
    - - promotion

    The SecuriTeam alerts list - Free, Accurate, Independent.

    Get your security news from a reliable source.
    http://www.securiteam.com/mailinglist.html

    - - - - - - - - -

      Vulnerability in DirectPlay Could Allow DoS (MS04-016)
    ------------------------------------------------------------------------

    SUMMARY

    This update resolves a newly discovered, privately reported vulnerability.
    A denial of service vulnerability exists in the implementation of the
    IDirectPlay4 application programming interface (API) of Microsoft
    DirectPlay because of a lack of robust packet validation. The
    vulnerability is documented in the Vulnerability Details section of this
    bulletin.

    If a user is running a networked DirectPlay application, an attacker who
    successfully exploited this vulnerability could cause the DirectPlay
    application to fail. The user would have to restart the application to
    resume functionality.

    DETAILS

    Affected Software:
     * Microsoft Windows 2000 Service Pack 2, Microsoft Windows 2000 Service
    Pack 3, Microsoft Windows 2000 Service Pack 4 -
    <http://www.microsoft.com/downloads/details.aspx?FamilyId=DCAED052-6CE6-4709-84B3-9F1E0C182010&displaylang=en> Download the update
     * Microsoft Windows XP and Microsoft Windows XP Service Pack 1 -
    <http://www.microsoft.com/downloads/details.aspx?FamilyId=1BEF9C9D-B317-4575-90E6-E89779469D37&displaylang=en> Download the update
     * Microsoft Windows XP 64-Bit Edition Service Pack 1 -
    <http://www.microsoft.com/downloads/details.aspx?FamilyId=B99445C7-3070-4CFA-9CCE-225B92E90698&displaylang=en> Download the update
     * Microsoft Windows XP 64-Bit Edition Version 2003 -
    <http://www.microsoft.com/downloads/details.aspx?FamilyId=F677DCD7-00D6-4DB6-A4E8-201579CC0761&displaylang=en> Download the update
     * Microsoft Windows Server 2003 -
    <http://www.microsoft.com/downloads/details.aspx?FamilyId=EBA8BD7D-033B-460D-9088-4BFE7BE22B73&displaylang=en> Download the update
     * Microsoft Windows Server 2003 64-Bit Edition -
    <http://www.microsoft.com/downloads/details.aspx?FamilyId=F677DCD7-00D6-4DB6-A4E8-201579CC0761&displaylang=en> Download the update
     * Microsoft Windows 98, Microsoft Windows 98 Second Edition (SE), and
    Microsoft Windows Millennium Edition (Me) - Review the FAQ section of this
    bulletin for details about these operating systems.

    Non-Affected Software:
     * Microsoft Windows NT Workstation 4.0 Service Pack 6a
     * Microsoft Windows NT Server 4.0 Service Pack 6a
     * Microsoft Windows NT Server 4.0 Terminal Server Edition Service Pack 6

    Tested Microsoft Windows Components:
    Affected Components:
     * Microsoft DirectX\x{00AE} 7.0a, 7.1, 8.1, 8.1a, 8.1b, 8.2, 9.0, 9.0a,
    9.0b on Windows 98, Windows 98 Second Edition, Windows Millennium Edition
    - Review the FAQ section of this bulletin for details about these
    operating systems.
     * Microsoft DirectX 8.0, 8.0a, when installed on Windows 2000 -
    <http://www.microsoft.com/downloads/details.aspx?FamilyId=5595043A-AD55-47E3-A5CE-778DCDE13820&displaylang=en> Download the update
     * Microsoft DirectX 8.1, 8.1a, 8.1b when installed on Windows 2000 -
    <http://www.microsoft.com/downloads/details.aspx?FamilyId=52139FDD-7926-4DAE-A872-F67B1B55F2D0&displaylang=en> Download the update
     * Microsoft DirectX 8.2 when installed on Windows 2000, or Windows XP -
    <http://www.microsoft.com/downloads/details.aspx?FamilyId=AC8325FA-DB1B-4A77-9800-716C5C74AC74&displaylang=en> Download the update
     * Microsoft DirectX 9.0, 9.0a, 9.0b when installed on Windows 2000,
    Windows XP, or Windows Server 2003 -
    <http://www.microsoft.com/downloads/details.aspx?FamilyId=BF58AC23-62D5-4650-AEEF-B79551D5F778&displaylang=en> Download the update

    Non-Affected Components:
     * Microsoft DirectX 5.2 on Windows 98
     * Microsoft DirectX 6.1 on Windows 98 Second Edition
     * Windows Media Player 6.4 or Internet Explorer 6 Service Pack 1 when
    installed on Microsoft Windows NT 4.0
     * Windows Media Player 6.4 or Internet Explorer 6 Service Pack 1 when
    installed on Microsoft Windows NT 4.0, Terminal Server Edition

    The software in this list has been tested to determine if the versions are
    affected. Other versions either no longer include security update support
    or may not be affected. To determine the support lifecycle for your
    product and version, visit the following Microsoft Support Lifecycle Web
    site.

    Technical Details:
    A denial of service vulnerability exists in the IDirectPlay4 Application
    Programming Interface (API) of Microsoft DirectPlay. Applications that
    implement this API are typically network-based multi-player games. An
    attacker who successfully exploited this vulnerability could cause the
    application to fail.

    ADDITIONAL INFORMATION

    The information has been provided by Microosft Product Security.
    The original article can be found at:
    <http://www.microsoft.com/technet/security/bulletin/MS04-016.mspx>
    http://www.microsoft.com/technet/security/bulletin/MS04-016.mspx

    ========================================

    This bulletin is sent to members of the SecuriTeam mailing list.
    To unsubscribe from the list, send mail with an empty subject line and body to: list-unsubscribe@securiteam.com
    In order to subscribe to the mailing list, simply forward this email to: list-subscribe@securiteam.com

    ====================
    ====================

    DISCLAIMER:
    The information in this bulletin is provided "AS IS" without warranty of any kind.
    In no event shall we be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages.


  • Next message: SecuriTeam: "[UNIX] cPanel mod_php suexec Taint Vulnerability"