Microsoft Windows Print Spooler GetPrinterData Denial of Service Vulnerability

Bugtraq ID:	21401
Class:	Failure to Handle Exceptional Conditions
CVE:
Remote:	Yes
Local:	No
Published:	Dec 02 2006 12:00AM
Updated:	Dec 04 2006 03:59PM
Credit:	h07 is credited with the discovery of this vulnerability.
Vulnerable:	Microsoft Windows 2000 Server SP4 Microsoft Windows 2000 Professional SP4 Microsoft Windows 2000 Datacenter Server SP4 Microsoft Windows 2000 Advanced Server SP4
Not Vulnerable:

Microsoft Windows Print Spooler GetPrinterData Denial of Service Vulnerability

Microsoft Windows Print Spooler service is prone to a denial-of-service vulnerability.

A remote attacker can exploit this issue to crash the affected service, denying service to legitimate users.

Reports indicate that this issue affects Print Spooler on Microsoft Windows 2000 SP4; other versions may also be vulnerable.

Microsoft Windows Print Spooler GetPrinterData Denial of Service Vulnerability

The following exploit is available:

• /data/vulnerabilities/exploits/21404.py

Microsoft Windows Print Spooler GetPrinterData Denial of Service Vulnerability

Solution:
Currently we are not aware of any vendor-supplied patches for this issue. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected]:[email protected].

Microsoft Windows Print Spooler GetPrinterData Denial of Service Vulnerability

References:

• Microsoft Homepage (Microsoft)
  
• Windows 2000 Homepage (Microsoft)