|
|
RE: KPMG-2002015: Microsoft Distributed Transaction Coordinator DoS: msg#00387security.bugtraq
After trying to locate sources or info to substantiate, including expressing my concerns to the author of the vulnerability and a reprint from another newsletter I received the following from Microsoft ---------- All these articles are miss-construing the problem and how it has been addressed. I looked into the problem identified and it is a bug that was fixed in Windows 2000 Service Pack1. ---------- Andrew -----Original Message----- From: Peter Gründl [mailto:pgrundl@xxxxxxx] Sent: Friday, April 19, 2002 6:45 AM To: bugtraq Subject: KPMG-2002015: Microsoft Distributed Transaction Coordinator DoS -------------------------------------------------------------------- Title: Microsoft Distributed Transaction Coordinator DoS BUG-ID: 2002015 Released: 19th Apr 2002 -------------------------------------------------------------------- Problem: ======== A flaw in the way MSDTC handles malformed packets could allow an attacker to hang the service and exhaust ressources on the Server. Vulnerable: =========== - Windows 2000 Server without MS02-018 patch |
|
| <Prev in Thread] | Current Thread | [Next in Thread> |
|---|---|---|
| Previous by Date: | [CLA-2002:476] Conectiva Linux Security Announcement - webalizer: 00387, secure |
|---|---|
| Next by Date: | Re: XMB cross-scripting vulnerability: 00387, Joe |
| Previous by Thread: | KPMG-2002015: Microsoft Distributed Transaction Coordinator DoSi: 00387, Peter Gründl |
| Next by Thread: | Tomcat 4.1 real path disclosure: 00387, Wang Yun |
| Indexes: | [Date] [Thread] [Top] [All Lists] |
| News | FAQ | advertise |