Reported August 14, 2001, by Microsoft.
Microsoft Windows 2000 Server
Microsoft Windows 2000 Advanced Server
Microsoft Windows 2000 Datacenter Server
Microsoft Windows NT Server 4.0
Microsoft Windows NT Server, Enterprise Edition
A memory leak condition exists in the way certain Windows OSs (see above) process new postings when using the Network News Transfer Protocol (NNTP) service. If an attacker sends a large number of posts of a particular construction, those posts can deplete the server’s available memory and disrupt service. A user can reboot the server to resume normal service. Only servers that accept new postings are vulnerable to this condition.
Windows 2000 Datacenter Server patches are hardware-specific and available only through the OEM.
Discovered by Aiden ORawe.