From: Microsoft Product Security (secnotif@MICROSOFT.COM)
Date: Thu Jan 25 2001 - 13:23:44 CST

    The following is a Security Bulletin from the Microsoft Product Security
    Notification Service.

    Please do not reply to this message, as it was sent from an unattended
    mailbox.
                        ********************************

    -----BEGIN PGP SIGNED MESSAGE-----

    - ----------------------------------------------------------------------
    Title: Patch Available for Winsock Mutex Vulnerability
    Date: 24 January 2001
    Software: Microsoft Windows NT 4.0 and Windows NT 4.0 TSE
    Impact: Denial of Service
    Bulletin: MS01-003

    Microsoft encourages customers to review the Security Bulletin at:
    http://www.microsoft.com/technet/security/bulletin/ms01-003.asp
    - ----------------------------------------------------------------------

    Issue:
    ======
    Like all other objects under Windows NT 4.0, mutexes -
    synchronization objects that govern access to resources - have
    permissions associated with them, that govern how they can be
    accessed. However, a particular mutex used to govern access to a
    networking resource has inappropriately loose permissions. This could
    enable an attacker who had the ability to run code on a local machine
    to monopolize the mutex, thereby preventing any other processes from
    using the resource that it controlled. This would have the effect of
    preventing the machine from participating in the network.

    The attacker would require interactive logon access to the affected
    machine. This significantly limits the scope of the vulnerability
    because, if normal security recommendations have been followed,
    unprivileged users will not be granted interactive logon rights to
    critical machines like servers. Unprivileged users typically are
    granted interactive logon rights to workstations and terminal
    servers. However, a workstation would not be a tempting target for an
    attacker, because he could only use this vulnerability to deny
    service to himself. The machines most likely to be affected would be
    terminal servers.

    Mitigating Factors:
    ===================
     - The attacker would require interactive logon access to the
       affected machine.

    Patch Availability:
    ===================
     - A patch is available to fix this vulnerability. Please read
       Security Bulletin MS01-003 at:
       http://www.microsoft.com/technet/security/bulletin/ms01-003.asp
       for information on obtaining this patch.

    Acknowledgment:
    ===============
     - Arne Vidstrom (http://ntsecurity.nu)

    - ----------------------------------------------------------------------

    THE INFORMATION PROVIDED IN THE MICROSOFT KNOWLEDGE BASE IS PROVIDED
    "AS IS" WITHOUT WARRANTY OF ANY KIND. MICROSOFT DISCLAIMS ALL
    WARRANTIES, EITHER EXPRESS OR IMPLIED, INCLUDING THE WARRANTIES OF
    MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. IN NO EVENT
    SHALL MICROSOFT CORPORATION OR ITS SUPPLIERS BE LIABLE FOR ANY
    DAMAGES WHATSOEVER INCLUDING DIRECT, INDIRECT, INCIDENTAL,
    CONSEQUENTIAL, LOSS OF BUSINESS PROFITS OR SPECIAL DAMAGES, EVEN IF
    MICROSOFT CORPORATION OR ITS SUPPLIERS HAVE BEEN ADVISED OF THE
    POSSIBILITY OF SUCH DAMAGES. SOME STATES DO NOT ALLOW THE EXCLUSION
    OR LIMITATION OF LIABILITY FOR CONSEQUENTIAL OR INCIDENTAL DAMAGES SO
    THE FOREGOING LIMITATION MAY NOT APPLY.

    -----BEGIN PGP SIGNATURE-----
    Version: PGP Personal Privacy 6.5.3

    -----END PGP SIGNATURE-----

       *******************************************************************
    You have received this e-mail bulletin as a result of your registration
    to the Microsoft Product Security Notification Service. You may
    unsubscribe from this e-mail notification service at any time by sending
    an e-mail to MICROSOFT_SECURITY-SIGNOFF-REQUEST@ANNOUNCE.MICROSOFT.COM
    The subject line and message body are not used in processing the request,
    and can be anything you like.

    To verify the digital signature on this bulletin, please download our PGP
    key at http://www.microsoft.com/technet/security/notify.asp.

    For more information on the Microsoft Security Notification Service
    please visit http://www.microsoft.com/technet/security/notify.asp. For
    security-related information about Microsoft products, please visit the
    Microsoft Security Advisor web site at http://www.microsoft.com/security.

    _____________________________________________________________________
    ** TO UNSUBSCRIBE, send the command "UNSUBSCRIBE win2ksecadvice"
    ** FOR A WEEKLY DIGEST, send the command "SET win2ksecadvice DIGEST"
    SEND ALL COMMANDS TO: listserv@listserv.ntsecurity.net
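
The bulletin's "Issue" section turns on the permissions (DACL) attached to a mutex. As an added example, not part of the bulletin and not Microsoft's code, the following audits a mutex security descriptor in SDDL text form and reports which rights broad groups hold. The sample descriptors are constructed, and the choice of groups and rights to report is an assumed audit policy, since the bulletin does not say which rights were too loose.

```python
import re

# Access-mask bits that apply to a mutex object (Windows SDK values).
READ_CONTROL, WRITE_DAC, WRITE_OWNER = 0x00020000, 0x00040000, 0x00080000
DELETE, SYNCHRONIZE, MUTEX_ALL_ACCESS = 0x00010000, 0x00100000, 0x001F0001
GENERIC_ALL = 0x10000000
# SDDL two-letter rights that may appear instead of a hex mask.
SDDL_RIGHTS = {"GA": MUTEX_ALL_ACCESS, "GX": READ_CONTROL | SYNCHRONIZE,
               "RC": READ_CONTROL, "SD": DELETE, "WD": WRITE_DAC, "WO": WRITE_OWNER}
# Trustees that include unprivileged interactive users (assumed audit policy).
BROAD = {"WD": "Everyone", "S-1-1-0": "Everyone", "AU": "Authenticated Users",
         "IU": "Interactive", "BU": "Users"}
# Rights worth a reviewer's attention when a broad trustee holds them.
RISKY = {SYNCHRONIZE: "SYNCHRONIZE (can acquire and hold the mutex)",
         WRITE_DAC: "WRITE_DAC (can rewrite the DACL)",
         WRITE_OWNER: "WRITE_OWNER (can take ownership)"}

def parse_mask(rights):
    """Turn an SDDL rights field (hex mask or letter codes) into a bit mask."""
    if rights.lower().startswith("0x"):
        mask = int(rights, 16)
        return mask | MUTEX_ALL_ACCESS if mask & GENERIC_ALL else mask
    mask = 0
    for code in re.findall("..", rights):
        mask |= SDDL_RIGHTS.get(code, 0)
    return mask

def audit_mutex_sddl(sddl):
    """Return findings for one descriptor. Deny ACEs and ACE order are ignored."""
    dacl = re.search(r"D:(.*?)(?:S:|$)", sddl)
    if dacl is None or "NO_ACCESS_CONTROL" in dacl.group(1):
        return ["no DACL: every user has full access"]
    findings = []
    for ace in re.findall(r"\(([^)]*)\)", dacl.group(1)):
        ace_type, _flags, rights, _obj, _inh, sid = ace.split(";")[:6]
        if ace_type != "A" or sid not in BROAD:
            continue  # only allow-ACEs for broad trustees are reported
        mask = parse_mask(rights)
        findings += [f"{BROAD[sid]}: {why}" for bit, why in RISKY.items() if mask & bit]
    return findings

# Constructed sample descriptors (not taken from any real system).
LOOSE = "O:BAG:SYD:(A;;0x1f0001;;;SY)(A;;0x1f0001;;;WD)"
TIGHT = "O:BAG:SYD:(A;;0x1f0001;;;SY)(A;;0x1f0001;;;BA)"
NULL_DACL = "O:BAG:SYD:NO_ACCESS_CONTROL"

if __name__ == "__main__":
    for name, sd in (("LOOSE", LOOSE), ("TIGHT", TIGHT), ("NULL_DACL", NULL_DACL)):
        print(name, audit_mutex_sddl(sd))
```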