Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
securityvulnsSecurityvulnsSECURITYVULNS:DOC:13674
HistoryJul 29, 2006 - 12:00 a.m.

ISS Protection Brief: Vulnerability in Server Driver could result in Denial of Service

2006-07-2900:00:00
vulners.com
10
JSON

-----BEGIN PGP SIGNED MESSAGE-----

Internet Security Systems Protection Brief
July 28, 2006

Vulnerability in Server Driver could result in Denial of Service

Summary:

Multiple versions of Microsoft Windows are vulnerable to a null pointer dereference in the server driver (srv.sys). By sending a specially-crafted network packet to an affected system, a remote attacker could cause the system to crash.

Business Impact:

Attackers can reliably cause Microsoft Windows to blue screen. Users must reboot to recover from the crash. An exploit is available in the wild. As of this writing no patch is available for the vulnerability.

Affected Products:

Microsoft Corporation: Windows 2000 SP4
Microsoft Corporation: Windows Server 2003
Microsoft Corporation: Windows Server 2003 Itanium
Microsoft Corporation: Windows Server 2003 SP1
Microsoft Corporation: Windows Server 2003 SP1 Itanium
Microsoft Corporation: Windows Server 2003 x64 Edition
Microsoft Corporation: Windows XP Pro x64 Edition
Microsoft Corporation: Windows XP SP1
Microsoft Corporation: Windows XP SP2

Description:

An exploit was released into the wild that was misconstrued as a denial of service proof of concept for the Windows Mailslot vulnerability (MS06-035). In fact, this proof of concept exploits a different vulnerability, which has not been patched, caused by a null pointer dereference. It is unlikely that this vulnerability could result in remote code execution; however, complete system crashes are reliable. As there is no patch available for this problem at the time of this writing, ISS has decided to provide coverage on an expedited basis.

Mitigation:

The vulnerability exists in the Server Message Block protocol which runs on TCP ports 139 and 445. Both of these ports should be blocked at perimeter firewalls, both inbound and outbound.

Reference:
http://xforce.iss.net/xforce/alerts/id/231

About Internet Security Systems, Inc.
Internet Security Systems, Inc. (ISS) is the trusted security advisor to thousands of the world's leading businesses and governments, providing preemptive protection for networks, desktops and servers. An established leader in security since 1994, ISS' integrated security platform automatically protects against both known and unknown threats, keeping networks up and running and shielding customers from online attacks before they impact business assets. ISS products and services are based on the proactive security intelligence of its X-Forceยฎ research and development team - the unequivocal world authority in vulnerability and threat research. ISS' product line is also complemented by comprehensive Managed Security Services. For more information, visit the Internet Security Systems Web site at www.iss.net or call 800-776-2362.

Copyright (c) 2006 Internet Security Systems, Inc. All rights reserved
worldwide.

This document is not to be edited or altered in any way without the
express written consent of Internet Security Systems, Inc. If you wish
to reprint the whole or any part of this document, please email

[email protected] for permission. You may provide links to this document
from your web site, and you may make copies of this document in
accordance with the fair use doctrine of the U.S. copyright laws.

Disclaimer: The information within this paper may change without notice. Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. In no event shall the author/distributor (Internet Security Systems X-Force) be held liable for any damages whatsoever arising out of or in connection with the use or spread of this information.

X-Force PGP Key available on MIT's PGP key server and PGP.com's key
server, as well as at http://www.iss.net/security_center/sensitive.php
Please send suggestions, updates, and comments to: X-Force

[email protected] of Internet Security Systems, Inc.

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBRMp1KTRfJiV99eG9AQGDIQQAgDUAuwVQBsEKS0onXUxf7uDwkanVfzFf
mx+t9NcNO+RnElYvgxOJw5h6CL412yKpwqN3iRZMFKrbc2mhc5u4p63jbSe4Op+D
WnsuoEwnSVOX718myWH98D4jvPEoWEH2vZbhZAd//ujTIHkPSgnIHVP5nhusVPP9
4gWcsp1huOg=
=JDEc
-----END PGP SIGNATURE-----

JSON