Reported August 14, 2001, by Microsoft.

VERSIONS AFFECTED

  • Microsoft Windows 2000 Server

  • Microsoft Windows 2000 Advanced Server

  • Microsoft Windows 2000 Datacenter Server

  • Microsoft Windows NT Server 4.0

  • Microsoft Windows NT Server, Enterprise Edition

 

DESCRIPTION
A memory leak condition exists in the way certain Windows OSs (see above) process new postings when using the Network News Transfer Protocol (NNTP) service. If an attacker sends a large number of posts of a particular construction, those posts can deplete the server’s available memory and disrupt service. A user can reboot the server to resume normal service. Only servers that accept new postings are vulnerable to this condition.

 

VENDOR RESPONSE

The vendor, Microsoft, has released security bulletin MS01-043 to address this vulnerability and recommends that users apply whichever of the following patches is relevant to their system:

 

Windows NT 4.0 Server and Enterprise Server

 

Windows 2000 Server and Advanced Server

 

Windows 2000 Datacenter Server patches are hardware-specific and available only through the OEM.

 

CREDIT
Discovered by Aiden ORawe.