Memory Allocation Denial of Service Via RPC
According to Microsoft Security Advisory (911052), there is a new vulnerability in the RPC service that allows denial-of-service attacks:
On Windows XP Service Pack 1, an attacker must have valid logon credentials to try to exploit this vulnerability. The vulnerability could not be exploited remotely by anonymous users. However, the affected component is available remotely to users who have standard user accounts. Customers who have installed Windows XP Service Pack 2 are not affected by this vulnerability. Additionally, customers running Windows Server 2003 and Windows Server 2003 Service Pack 1 are not affected by this vulnerability.

An exploit by Winny Thomas (Microsoft Windows RPC Memory Allocation Remote Denial of Service Exploit) has already been published on FrSIRT:
I used windbg to break on calls to upnp_getdevicelist when running this code. However, even before the breakpoint is hit the system becomes unresponsive. Strangely though, changing the operation number in the DCERPC request to something else other than 0xa (upnp_getdevicelist) will make the DoS attempt fail. Perhaps changing the payload a little bit, so that the underlying demarshalling routines don't return an error, might reproduce this effect for other UPnP operations as well.