[security-alerts] FW: [SA17595] Microsoft Windows UPnP GetDeviceList Denial of Service

["Kazennov, Vladimir" <Vladimir.Kazennov@xxxxxxxxxx>]

> 
> 
> TITLE:
> Microsoft Windows UPnP GetDeviceList Denial of Service
> 
> SECUNIA ADVISORY ID:
> SA17595
> 
> VERIFY ADVISORY:
> http://secunia.com/advisories/17595/
> 
> CRITICAL:
> Less critical
> 
> IMPACT:
> DoS
> 
> WHERE:
> From local network
> 
> OPERATING SYSTEM:
> Microsoft Windows 2000 Advanced Server
> http://secunia.com/product/21/
> Microsoft Windows 2000 Datacenter Server
> http://secunia.com/product/1177/
> Microsoft Windows 2000 Professional
> http://secunia.com/product/1/
> Microsoft Windows 2000 Server
> http://secunia.com/product/20/
> Microsoft Windows XP Home Edition
> http://secunia.com/product/16/
> Microsoft Windows XP Professional
> http://secunia.com/product/22/
> 
> DESCRIPTION:
> Winny Thomas has discovered a vulnerability in Microsoft Windows,
> which can be exploited by malicious people to cause a DoS (Denial of
> Service).
> 
> The vulnerability is caused due to a memory allocation error when
> handling UPnP GetDeviceList requests via RPC. This can be exploited
> to cause "services.exe" to consume large amount of memory for a
> limited period of time.
> 
> Successful exploitation causes a DoS but requires valid logon
> credentials on Windows XP Service Pack 1.
> 
> The vulnerability has been confirmed in Windows 2000 SP4 and is also
> reported in Windows XP Service Pack 1.
> 
> Note: An exploit for this vulnerability is publicly available.
> 
> SOLUTION:
> Restrict access to the affected systems using a firewall.
> 
> Windows XP Service Pack 2, Windows Server 2003 and Windows Server
> 2003 Service Pack 1 are reportedly not vulnerable.
> 
> PROVIDED AND/OR DISCOVERED BY:
> Winny Thomas
> 
> ORIGINAL ADVISORY:
> http://www.microsoft.com/technet/security/advisory/911052.mspx
> 
> ----------------------------------------------------------------------