|
|
|
|
| |
| A flaw in the way MSDTC handles malformed packets could allow an attacker to hang the service and exhaust resources on the Server. |
| |
Credit:
The information has been provided by Peter Gr?ndl.
|
| |
Vulnerable systems:
- Windows 2000 Server without MS02-018 patch
If an attacker sends 20200 NULL characters to the MSDTC service, which listens on TCP port 3372, server resources are allocated poorly. This attack can result in MSDTC.EXE spiking at 100% CPU usage, MSDTC refusing connections and kernel resources being exhausted.
Vendor response:
The vendor was contacted on the 24th of October, 2001. On the 15th of March, 2002 we received a private Hotfix, which corrected the issue. On the 10th of April, 2002 the vendor released a public bulletin. On the 19th of April, 2002 the vendor notified us that the patch also included the patched binary for the MSDTC issue.
Corrective action:
The vendor has released a patched binary, which is included in the security rollup package MS02-018, available here:
http://www.microsoft.com/technet/security/bulletin/ms02-018.asp
|
|
|
|
|
|
|
