Microsoft Windows Media Services Severed Connection DoS Vulnerability
BID:2123
Info
Microsoft Windows Media Services Severed Connection DoS Vulnerability
| Bugtraq ID: | 2123 |
| Class: | Failure to Handle Exceptional Conditions |
| CVE: | |
| Remote: | Yes |
| Local: | Yes |
| Published: | Dec 14 2000 12:00AM |
| Updated: | Dec 14 2000 12:00AM |
| Credit: | Discovered by NTT Communications and publicized in a Microsoft Security Bulletin (MS00-097) on December 15, 2000. |
| Vulnerable: |
Microsoft Windows Media Services 4.1 Microsoft Windows Media Services 4.0 |
| Not Vulnerable: | |
Discussion
Microsoft Windows Media Services Severed Connection DoS Vulnerability
Microsoft Windows Media Services are the server-side component of Windows Media Technologies which provides streaming video and audio content capabilities. It is divided into types of services, Unicast and Multicast. Windows Media Unicast Services supplies media content to one client at a time as opposed to Multicast which serves multiple clients simultaneously. Windows Media Unicast Services are only affected by the vulnerability at hand.
In the event that a client establishes a connection and then severs it abruptly in a particular fashion, Windows Media Services will not release the resources it has allocated to that particular client. If Windows Media Services were to receive these connections repeatedly, resources would become depleted and reach such a level that Windows Media Services would not be able to properly service clients. Restarting the service would be required in order to regain normal functionality and any client being serviced at the time would have to re-establish their connection.
Microsoft Windows Media Services are the server-side component of Windows Media Technologies which provides streaming video and audio content capabilities. It is divided into types of services, Unicast and Multicast. Windows Media Unicast Services supplies media content to one client at a time as opposed to Multicast which serves multiple clients simultaneously. Windows Media Unicast Services are only affected by the vulnerability at hand.
In the event that a client establishes a connection and then severs it abruptly in a particular fashion, Windows Media Services will not release the resources it has allocated to that particular client. If Windows Media Services were to receive these connections repeatedly, resources would become depleted and reach such a level that Windows Media Services would not be able to properly service clients. Restarting the service would be required in order to regain normal functionality and any client being serviced at the time would have to re-establish their connection.
Exploit / POC
Microsoft Windows Media Services Severed Connection DoS Vulnerability
Currently the SecurityFocus staff are not aware of any exploits for this issue. If you feel we are in error or are aware of more recent information, please mail us at: [email protected].
Currently the SecurityFocus staff are not aware of any exploits for this issue. If you feel we are in error or are aware of more recent information, please mail us at: [email protected].
References
Microsoft Windows Media Services Severed Connection DoS Vulnerability
References:
References: