SecurityTracker.com
Category:   OS (Microsoft)  >   Rpc
Vendors:   Microsoft
Microsoft Windows COM Internet Services and RPC over HTTP Can Be Crashed By Remote Users
SecurityTracker Alert ID:  1009762
SecurityTracker URL:  http://securitytracker.com/id/1009762
CVE Reference:   CVE-2003-0807
Date:  Apr 13 2004
Impact:   Denial of service via network
Fix Available:  Yes
Vendor Confirmed:  Yes

Description:   A denial of service vulnerability was reported in the Microsoft Windows COM Internet Services (CIS) and RPC over HTTP Proxy components. A remote user can cause the components to stop accepting requests.

Microsoft reported that a remote user can reply to a forwarded request to a backend system with a specially crafted message to trigger the flaw and cause the services to stop responding to subsequent requests. The system reportedly fails to properly validate user-supplied input in certain cases.

No operating systems are affected in the default configuration, according to the vendor.

Once the system has been exploited, Internet Information Services (IIS) must be restarted manually to return to normal operations, the report said.

Microsoft credits Qualys with reporting this vulnerability.

Impact:   A remote user can cause the CIS and RPC over HTTP services to stop responding to subsequent requests.
Solution:   The vendor has released a fix as part of the MS04-012 cumulative patch.

The following updates are available [all updates for MS04-012 are shown, even though the vulnerability mentioned in this Alert does not affect all operating systems]:

Microsoft Windows NT Workstation 4.0 Service Pack 6a:

http://www.microsoft.com/downloads/details.aspx?FamilyId=4ACB5BD6-A0BF-40BC-8955-D833923642EF&displaylang=en

Microsoft Windows NT Server 4.0 Service Pack 6a:

http://www.microsoft.com/downloads/details.aspx?FamilyId=D4F2AD32-FE74-4DA1-AEAE-80897AC86720&displaylang=en

Microsoft Windows NT Server 4.0 Terminal Server Edition Service Pack 6:

http://www.microsoft.com/downloads/details.aspx?FamilyId=5B29E35D-E5DA-4486-B7EB-D54C7398142C&displaylang=en

Microsoft Windows 2000 Service Pack 2, Microsoft Windows 2000 Service Pack 3, and Microsoft Windows 2000 Service Pack 4:

http://www.microsoft.com/downloads/details.aspx?FamilyId=FBD38C36-D1D3-47A2-A5D5-6C8F27FDCC40&displaylang=en

Microsoft Windows XP and Microsoft Windows XP Service Pack 1:

http://www.microsoft.com/downloads/details.aspx?FamilyId=D488BBBB-DA77-448D-8FF0-0A649A0D8FC3&displaylang=en

Microsoft Windows XP 64-Bit Edition Service Pack 1:

http://www.microsoft.com/downloads/details.aspx?FamilyId=4C3ED21D-FF40-4C9D-99DD-1632E43C1645&displaylang=en

Microsoft Windows XP 64-Bit Edition Version 2003:

http://www.microsoft.com/downloads/details.aspx?FamilyId=75A08528-5E99-4BE0-8E97-F1C9789611EB&displaylang=en

Microsoft Windows Server 2003:

http://www.microsoft.com/downloads/details.aspx?FamilyId=07317CE9-520D-4574-B575-5FB85DA9A4D7&displaylang=en

Microsoft Windows Server 2003 64-Bit Edition:

http://www.microsoft.com/downloads/details.aspx?FamilyId=75A08528-5E99-4BE0-8E97-F1C9789611EB&displaylang=en

For Microsoft Windows 98, Microsoft Windows 98 Second Edition (SE) and Microsoft Windows Millennium Edition (ME), the vendor indicates that you should read the FAQ section of this bulletin for details about these operating systems.

Vendor URL:  www.microsoft.com/technet/security/bulletin/ms04-012.mspx
Cause:   Input validation error

Message History:   None.


 Source Message Contents

Subject:  CVE-2003-0807


http://www.microsoft.com/technet/security/bulletin/ms04-012.mspx

 > Microsoft Security Bulletin MS04-012
 > Cumulative Update for Microsoft RPC/DCOM (828741)

 > Issued: April 13, 2004

CVE: CAN-2003-0807

Affects:  NT 4.0, 2000, 2003

Low Severity Rating

A denial of service vulnerability was reported in the Microsoft Windows COM Internet 
Services (CIS) and RPC over HTTP Proxy components.  A remote user can cause the components 
to stop accepting requests.

Microsoft reports that a remote user can reply to a forwarded request to a backend system 
with a specially crafted message to trigger the flaw.

It is reported that no operating systems are affected in the default configuration.

Internet Information Services (IIS) must be restarted manually to return to normal 
operations, the report said.

Microsoft credits Qualys with reporting this vulnerability.


The vendor has released a fix as part of the MS04-012 cumulative patch.

The following updates are available [all updates for MS04-012 are shown, even though the 
vulnerability mentioned in this Alert does not affect all operating systems]:


http://www.microsoft.com/downloads/details.aspx?FamilyId=4ACB5BD6-A0BF-40BC-8955-D833923642EF&displaylang=en

Microsoft Windows NT Server 4.0 Service Pack 6a:

http://www.microsoft.com/downloads/details.aspx?FamilyId=D4F2AD32-FE74-4DA1-AEAE-80897AC86720&displaylang=en

Microsoft Windows NT Server 4.0 Terminal Server Edition Service Pack 6:

http://www.microsoft.com/downloads/details.aspx?FamilyId=5B29E35D-E5DA-4486-B7EB-D54C7398142C&displaylang=en

Microsoft Windows 2000 Service Pack 2, Microsoft Windows 2000 Service Pack 3, and 
Microsoft Windows 2000 Service Pack 4:

http://www.microsoft.com/downloads/details.aspx?FamilyId=FBD38C36-D1D3-47A2-A5D5-6C8F27FDCC40&displaylang=en

Microsoft Windows XP and Microsoft Windows XP Service Pack 1:

http://www.microsoft.com/downloads/details.aspx?FamilyId=D488BBBB-DA77-448D-8FF0-0A649A0D8FC3&displaylang=en

Microsoft Windows XP 64-Bit Edition Service Pack 1:

http://www.microsoft.com/downloads/details.aspx?FamilyId=4C3ED21D-FF40-4C9D-99DD-1632E43C1645&displaylang=en

Microsoft Windows XP 64-Bit Edition Version 2003:

http://www.microsoft.com/downloads/details.aspx?FamilyId=75A08528-5E99-4BE0-8E97-F1C9789611EB&displaylang=en


http://www.microsoft.com/downloads/details.aspx?FamilyId=07317CE9-520D-4574-B575-5FB85DA9A4D7&displaylang=en

Microsoft Windows Server 2003 64-Bit Edition:

http://www.microsoft.com/downloads/details.aspx?FamilyId=75A08528-5E99-4BE0-8E97-F1C9789611EB&displaylang=en

For Microsoft Windows 98, Microsoft Windows 98 Second Edition (SE) and Microsoft Windows 
Millennium Edition (ME), the vendor indicates that you should read the FAQ section of this 
bulletin for details about these operating systems.


 
 



Copyright 2019, SecurityGlobal.net LLC