Re: Microsoft MS01-059, Universal Plug-n-Play vulnerability.
From: 'ken'@FTUDate: 12/22/01
- Previous message: Doug: "Re: Microsoft MS01-059, Universal Plug-n-Play vulnerability."
- In reply to: Mark Medici: "Microsoft MS01-059, Universal Plug-n-Play vulnerability."
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Fri, 21 Dec 2001 18:06:03 -0500 From: "'ken'@FTU" <franklin_tech_bulletins@yahoo.com> To: Mark Medici <mark@dbma.com>
Try port 5000 for TCP and 1900 for UDP.
'ken'
Mark Medici wrote:
> Does anyone have any information on the protocols and/or ports used
> by Universal Plug-n-Play (uPnP)? I'm not looking for specific
> sample code or a working exploit. However, I do want to know if
> this vulnerability can be exploited from the Internet, and if so,
> how to block it at our firewalls and border routers.
>
> Microsoft and CERT announced a vulnerability affecting Windows/XP,
> Windows/Me and, potentially, Windows/98 with Universal Plug-n-Play.
> See http://www.microsoft.com/technet/security/bulletin/MS01-059.asp
> for details.
>
> Obviously, installing Microsoft's patch (Q315000 for Windows/XP, the
> most critical platform) is essential. But users (our own and our
> customers) frequently get new machines or reload existing ones and
> put them on the network for several days before a SysAdmin learns of
> their presence to properly patch them.
>
> If there are specific protocols and/or ports that can be associated
> with Universal Plug-n-Play, then these can be blocked by our
> firewalls, border routers and personal firewalls to protect against
> exploits even if one of our users is remiss in installing patches.
>
> Further information is welcome.
>
>
- Previous message: Doug: "Re: Microsoft MS01-059, Universal Plug-n-Play vulnerability."
- In reply to: Mark Medici: "Microsoft MS01-059, Universal Plug-n-Play vulnerability."
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
