ISS X-Force Database: nt-services-exe-dos(3427): Microsoft Windows NT services.exe denial of service

Microsoft Windows NT services.exe denial of service

nt-services-exe-dos (3427)

Medium Risk

Description:

Windows NT services.exe could allow a Denial of Service attack. The problem lies within the manner that srvsvc.dll makes calls to services.exe. Certain MSRPC calls will return NULL values which are not correctly interpreted by services.exe. An remote attacker could send a malicious packet and cause a denial of service on a Windows NT host, rendering local administration and network communication useless.

Consequences:

Denial of Service

Remedy:

Apply the appropriate patch from Microsoft, as listed in Microsoft Security Bulletin MS99-055. See References.

For Windows NT 4.0:
Microsoft originally provided a patch for this vulnerability in MS99-055, but it has been superseded by the Security Roll-up patch released with MS01-041 and MS02-001, and then superseded by the patch released with MS02-018. See References.

References:

BugTraq Mailing List, Mon, 1 Nov 1999 08:07:46 -0600: Services.exe DoS in NT 4 (RFPoison).
BugTraq Mailing List, Mon, 1 Nov 1999 08:07:46 -0600: RFP9906 - Services.exe DoS in NT 4 (RFPoison).
Microsoft Knowledge Base Article 143474: Restricting Information Available to Anonymous Logon Users.
Microsoft Knowledge Base Article 246045: Malformed Resource Enumeration Arguments May Cause Named Pipes and Other System Services to Fail.
Microsoft Security Bulletin MS01-041: Malformed RPC Request Can Cause Service Failure.
Microsoft Security Bulletin MS02-001: Trusting Domains Do Not Verify Domain Membership of SIDs in Authorization Data.
Microsoft Security Bulletin MS02-018: Cumulative Patch for Internet Information Services (Q319733).
Microsoft Security Bulletin MS99-055: Patch Available for Malformed Resource Enumeration Argument" Vulnerability.
Microsoft Security Bulletin MS99-055 FAQ: Microsoft Security Bulletin (MS99-055): Frequently Asked Questions.
BID-754: NT Services.exe Denial of Service
CVE-1999-0980: Windows NT Service Control Manager (SCM) allows remote attackers to cause a denial of service via a malformed argument in a resource enumeration request.
OSVDB ID: 11264: Microsoft Windows NT SCM Malformed Resource Enumeration Request DoS

Platforms Affected:

Microsoft Windows NT 3.5.1 SP2
Microsoft Windows NT 3.5.1 SP5
Microsoft Windows NT 3.5.1 SP1
Microsoft Windows NT 4.0

Reported:

Oct 31, 1999

The information within this database may change without notice. Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. In no event shall the author/distributor (IBM Internet Security Systems X-Force) be held liable for any damages whatsoever arising out of or in connection with the use or spread of this information.

For corrections or additions please email ignore thisxforceignore this@ignore thisus.ignore thisibm.comignore this

Return to the main page