Microsoft Media Services dropped connection denial of service
| mediaservices-dropped-connection-dos (5785) |  Medium Risk |
Description:
Microsoft Windows Media Service is vulnerable to a denial of service attack. When a user connects to the server then drops the connection, the resources used by the connection fails to reset. An attacker can repeat this procedure multiple times to cause the system to consume all available resources, and crash the server. The service must be restarted to regain normal functionality.
Consequences:
Denial of Service
Remedy:
Apply the patch for this vulnerability, as listed in Microsoft Security Bulletin MS00-097. See References.
References:
- Microsoft Security Bulletin MS00-097: Patch Available for 'Severed Windows Media Server Connection' Vulnerability.
- BID-2123: Microsoft Windows Media Services Severed Connection DoS Vulnerability
- CVE-2001-0083: Windows Media Unicast Service in Windows Media Services 4.0 and 4.1 does not properly shut down some types of connections, producing a memory leak that allows remote attackers to cause a denial of service via a series of severed connections, aka the Severed Windows Media Server Connection vulnerability.
Platforms Affected:
- Microsoft Windows Media Services 4.0
- Microsoft Windows Media Services 4.1
Reported:
Dec 14, 2000
The information within this database may change without notice. Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. In no event shall the author/distributor (IBM Internet Security Systems X-Force) be held liable for any damages whatsoever arising out of or in connection with the use or spread of this information.
For corrections or additions please email xforce@iss.net