windows denial service vulnerability
Windows NT NNTP Denial of Service Vulnerability Patch MS01-043
Windows NT NNTP Denial of Service Vulnerability Patch has come as a smart tool to remove a denial of service vulnerability in Windows NT 4.0 computers more>>
Windows NT NNTP Denial of Service Vulnerability Patch MS01-043 has come as a smart tool to remove a denial of service vulnerability in Windows NT 4.0 computers running the Network News Transfer Protocol (NNTP) service. This denial of service vulnerability exists because the NNTP service in computers running Windows NT 4.0 contains a memory leak. If a malicious user sends a large amount of specially malformed data to an affected server, it can deplete the memory that is available to the server, which can cause the server to stop performing.
Windows 2000 NNTP Denial of Service Vulnerability Patch MS01-043
Windows 2000 NNTP Denial of Service Vulnerability Patch is developed to be a handy tool to remove a denial of service vulnerability in Windows 2000 computers running the Network News Transfer Protocol (NNTP) service. more>>
Windows 2000 NNTP Denial of Service Vulnerability Patch MS01-043 is developed to be a handy tool to remove a denial of service vulnerability in Windows 2000 computers running the Network News Transfer Protocol (NNTP) service. This denial of service vulnerability exists because the NNTP service in Windows 2000 contains a memory leak. If a malicious user sends a large amount of specially malformed data to an affected server, it can deplete the memory that is available to the server, which can cause the server to stop performing.
Windows 2000 LPC Vulnerability Patch
Windows 2000 LPC Vulnerability Patch is a highly-efficient, high-quality patch which eliminates several security vulnerabilities that could allow a range of effects, from denial of service attacks to, in some cases, privilege elevation. more>>
Windows 2000 LPC Vulnerability Patch is a highly-efficient, high-quality patch which eliminates several security vulnerabilities that could allow a range of effects, from denial of service attacks to, in some cases, privilege elevation. Several vulnerabilities have been identified in the Windows NT 4.0 and Windows 2000 implementations of LPC and LPC ports:
- The Invalid LPC Request vulnerability, which affects only Windows NT 4.0. By levying an invalid LPC request, it would be possible to make the affected system fail.
- The LPC Memory Exhaustion vulnerability, which affects both Windows NT 4.0 and Windows 2000. By levying spurious LPC requests, it could be possible to increase the number of queued LPC messages to the point where kernel memory was depleted.
- The Predictable LPC Message Identifier vulnerability, which affects both Windows NT 4.0 and Windows 2000. Any process that knows the identifier of an LPC message can access it; however, the identifiers can be predicted. In the simplest case, a malicious user could access other process LPC ports and feed them random data as a denial of service attack. In the worst case, it could be possible, under certain conditions, to send bogus requests to a privileged process in order to gain additional local privileges.
- A new variant of the previously-reported Spoofed LPC Port Request vulnerability. This vulnerability affects Windows NT 4.0 and Windows 2000, and could, under a very restricted set of conditions, allow a malicious user to create a process that would run under the security context of an already-running process, potentially including System processes.
Windows 2000 Telnet Server Flooding Vulnerability Patch
Windows 2000 Telnet Server Flooding Vulnerability Patch is a simple and salutary vulnerability which has been discovered in the Telnet Server that ships with Microsoft Windows 2000. more>>
Windows 2000 Telnet Server Flooding Vulnerability Patch is a simple and salutary vulnerability which has been discovered in the Telnet Server that ships with Microsoft Windows 2000.
The denial of service can occur when a malicious client sends a particular malformed string to the server. Although the Telnet service is provided as part of Windows 2000 products, the service is not enabled by default, and customers who have not enabled it would not be at risk. Even in affected systems, the effect of the vulnerability is limited to Telnet itself there is no capability to cause other services to fail, or to cause Windows 2000 to fail. Telnet services could be restored after an attack by restarting the Telnet Server.
Microsoft has released this patch to eliminate this security vulnerability.
Windows Phone Book Service Buffer Overflow Vulnerability Patch 1.0
Windows Phone Book Service Buffer Overflow Vulnerability Patch is developed to be a helpful program to remove a security vulnerability in an optional service more>>
Windows Phone Book Service Buffer Overflow Vulnerability Patch 1.0 is developed to be a helpful program to remove a security vulnerability in an optional service that ships with Windows 2000 Servers. The vulnerability could allow a malicious user to execute hostile code on a remote server that is running the service.
Windows XP Remote Access Service Phonebook Vulnerability Patch MS02-029
Windows XP Remote Access Service Phonebook Vulnerability Patch is designed to be an essential update to prevent malicious users from exploiting a buffer overrun vulnerability in the Windows XP RAS Phonebook. more>>
Windows XP Remote Access Service Phonebook Vulnerability Patch MS02-029 is designed to be an essential update to prevent malicious users from exploiting a buffer overrun vulnerability in the Windows XP RAS Phonebook. This vulnerability is the result of an unchecked buffer in the Remote Access Service (RAS) Phonebook. Download now to eliminate this vulnerability by instituting proper input checking on the RAS phonebook entries.
WebTV Denial of Service Vulnerability Patch (Windows Me) (MS00-074)
WebTV Denial of Service Vulnerability Patch (Windows Me) (MS00-074) is a professional and smart patch which eliminates a security vulnerability in Microsoft WebTV for Windows. more>>
WebTV Denial of Service Vulnerability Patch (Windows Me) (MS00-074) is a professional and smart patch which eliminates a security vulnerability in Microsoft WebTV for Windows.
There is a denial of service vulnerability in WebTV for Windows that may allow a malicious user to remotely crash either the WebTV for Windows application and/or the computer system running WebTV for Windows. Restarting the application and/or system will return the system to its normal state.
Although the WebTV for Windows application ships with Windows 98, 98SE, and Windows Me products, the application is not installed by default, and customers who have not installed it would are not at risk.
Windows NT Remote Access Service Phonebook Vulnerability Patch MS02-029
Windows NT Remote Access Service Phonebook Vulnerability Patch is developed to be a smart program which offers you dial-up connections between computers and networks over phone lines. more>>
Windows NT Remote Access Service Phonebook Vulnerability Patch MS02-029 is developed to be a smart program which offers you dial-up connections between computers and networks over phone lines. RAS is delivered as a native system service in Windows NT 4.0, Windows 2000, and Windows XP, and also is included in a separately downloadable Routing and Remote Access Server (RRAS) for Windows NT 4.0. All of these implementations include a RAS phonebook, which is used to store information about telephone numbers, security, and network settings used to dial-up remote systems.
A flaw exists in the RAS phonebook implementation: a phonebook value is not properly checked, and is susceptible to a buffer overrun. The overrun could be exploited for either of two purposes: causing a system failure, or running code on the system with LocalSystem privileges. If an attacker were able to log onto an affected server and modify a phonebook entry using specially malformed data, then made a connection using the modified phonebook entry, the specially malformed data could be run as code by the system.
Windows Vulnerability Scanner 1.39
Windows Vulnerability Scanner is a helpful and convenient-to-use program that makes it quick and easy to check your system for Windows Vulnerabilities. It guides you to update with the right patch to make your system secure. more>> <<less
Windows NT RPC Endpoint Mapper Vulnerability Patch MS01-048
Windows NT RPC Endpoint Mapper Vulnerability Patch has come as a smart tool to deal with the Malformed RPC Packet security vulnerability in computers running Windows NT 4.0 more>>
Windows NT RPC Endpoint Mapper Vulnerability Patch MS01-048 has come as a smart tool to deal with the 'Malformed RPC Packet' security vulnerability in computers running Windows NT 4.0 and is discussed in Microsoft Security Bulletin MS01-048. Download now to prevent a malicious user from launching a denial of service attack using the Remote Procedure Call (RPC) client. This vulnerability exists because there is an error in the way the endpoint mapper (used by the RPC service to determine which remote port to use) processes queries. If a malicious user sends a malformed RPC query to an affected Windows NT 4.0 computer, it can cause the server to stop responding to requests.
Windows 2000 Still Image Service Privilege Escalation Vulnerability Patch
Windows 2000 Still Image Service Privilege Escalation Vulnerability Patch has come as a helpful program to remove a security vulnerability in Microsoft Windows 2000, preventing a user from gaining administrator privileges. more>>
Windows 2000 Still Image Service Privilege Escalation Vulnerability Patch has come as a helpful program to remove a security vulnerability in Microsoft Windows 2000, preventing a user from gaining administrator privileges. An unchecked buffer exists in the Still Image Service' on Windows 2000 hosts. A locally logged-on user can execute malicious code that will use the still image service to escalate their permissions equal to that of the Still Image Service, namely, LocalSystem. The Still Image Service is not installed by default, but is automatically installed, via plug-n-play, when a user attaches a still image device (i.e. digital camera, scanner, etc.) to a Windows 2000 host.
Windows 2000 Remote Access Service Phonebook Vulnerability Patch MS02-029
Windows 2000 Remote Access Service Phonebook Vulnerability Patch MS02-029 is a very tractable and powerful program which provides dial-up connections between computers and networks over phone lines. more>>
Windows 2000 Remote Access Service Phonebook Vulnerability Patch MS02-029 is a very tractable and powerful program which provides dial-up connections between computers and networks over phone lines.
RAS is delivered as a native system service in Windows NT 4.0, Windows 2000 and Windows XP, and also is included in a separately downloadable Routing and Remote Access Server (RRAS) for Windows NT 4.0. All of these implementations include a RAS phonebook, which is used to store information about telephone numbers, security, and network settings used to dial-up remote systems.
A flaw exists in the RAS phonebook implementation: a phonebook value is not properly checked, and is susceptible to a buffer overrun. The overrun could be exploited for either of two purposes: causing a system failure, or running code on the system with LocalSystem privileges. If an attacker were able to log onto an affected server and modify a phonebook entry using specially malformed data, then made a connection using the modified phonebook entry, the specially malformed data could be run as code by the system.
Windows NT Invalid RDP Data Vulnerability Patch MS01-052
Windows NT Invalid RDP Data Vulnerability Patch MS01-052 is written to be a helpful program which can remove the Invalid RDP Data can Cause Terminal Service Failure vulnerability in computers running Windows 2000 more>>
Windows NT Invalid RDP Data Vulnerability Patch MS01-052 is written to be a helpful program which can remove the 'Invalid RDP Data can Cause Terminal Service Failure' vulnerability in computers running Windows 2000 and Windows NT4.0 Terminal Services Edition, discussed in Microsoft Security Bulletin MS01-052. Download now to prevent a malicious user from causing your server to fail.
Microsoft Windows 2000 Patch: Denial Of Service At
Among the components provided by Services for Unix (SFU) 2.0 are services that implement the NFS (Network File System) and Telnet protocols more>> Among the components provided by Services for Unix (SFU) 2.0 are services that implement the NFS (Network File System) and Telnet protocols. Both services contain memory leaks that could be triggered by a user request. Download now to prevent an attacker deliberately sending such requests in order to deplete kernel memory and prevent the server from performing useful service.<<less
Windows 2000 Indexing Service File Enumeration Vulnerability Patch (MS00-098)
This patch eliminates a security vulnerability in a component that ships as part of Microsoft Windows 2000 more>>
Windows 2000 Indexing Service File Enumeration Vulnerability Patch (MS00-098) is launched as an important and helpful patch to remove a security vulnerability in a component that ships as part of Microsoft Windows 2000. The vulnerability could allow a malicious Web site operator to learn the names and properties of files and folders on the machine of a visiting user.
An ActiveX control that ships as part of Indexing Service is incorrectly marked as 'safe for scripting', thereby enabling it to be executed by Web site applications. The control at issue here could be used to enumerate files and folders and to view their properties. It would not be necessary for Indexing Service to be running in order for the vulnerability to be exploited; however, if it were running, the control also could be used to search for files containing specific words. The vulnerability could not be used to read files, except via a fairly unlikely scenario discussed in detail in the FAQ. It could not be used under any conditions to change, add, or delete information on the user's computer.
A patch has been provided for Indexing Service 3.0, but not for Index Server 2.0. This is primarily due to the different delivery vehicles for the two versions. Indexing Service 3.0 ships as part of all versions of Windows 2000; thus, the vulnerability could affect all Windows 2000 users. In contrast, Index Server 2.0 ships as part of the Windows NT 4.0 Option Pack; thus, to be affected by the vulnerability in Index Server 2.0, a Webmaster would need to browse untrustworthy Internet sites from a Web server, which is contrary to normal recommended practices.
