L
luap
Guest
MS have finally excelled themselves. This morning I got the usual MS Security bullitin telling me about yet another hole that needs patching etc but this one is different.
DDos problem with it's Infra Red code
-----BEGIN PGP SIGNED MESSAGE-----
- ----------------------------------------------------------------------
Title: Access Violation in Windows 2000 IRDA Driver Can Cause
System to Restart
Date: 21 August 2001
Software: Windows 2000
Impact: Denial of Service
Bulletin: MS01-046
Microsoft encourages customers to review the Security Bulletin at: http://www.microsoft.com/technet/security/bulletin/MS01-046.asp.
- ----------------------------------------------------------------------
Issue:
======
Microsoft Windows 2000 provides support for infrared-based connectivity. This support is provided through protocols developed by the Infrared Data Association (IRDA).
Because of this, they are often called IRDA devices. These devices can be used to share files and printers with other IRDA-device capable systems. The software which handles IRDA devices in Windows 2000 contains an unchecked buffer in the code which handles certain IRDA packets.
A security vulnerability results because it is possible for a malicious user to send a specially crafted IRDA packet
to the victim's system. This could enable the attacker to conduct a buffer overflow attack and cause an access violation on the system, forcing a reboot. To be best of our knowledge, it cannot be used to run malicious code on the user's system
Mitigating Factors:
====================
- The attack would require that an attacker's machine be within
range of the victim's IRDA device, usually within arm's length.
- The attack would require that an attacker's machine's IRDA port
have either a direct line of sight to the victim's machine, or
be able to transmit the IRDA packets through reflection directly
to the victim's IRDA port.
- To the best of our knowledge, this cannot be used to run
malicious code on the user's system.
DDos problem with it's Infra Red code
-----BEGIN PGP SIGNED MESSAGE-----
- ----------------------------------------------------------------------
Title: Access Violation in Windows 2000 IRDA Driver Can Cause
System to Restart
Date: 21 August 2001
Software: Windows 2000
Impact: Denial of Service
Bulletin: MS01-046
Microsoft encourages customers to review the Security Bulletin at: http://www.microsoft.com/technet/security/bulletin/MS01-046.asp.
- ----------------------------------------------------------------------
Issue:
======
Microsoft Windows 2000 provides support for infrared-based connectivity. This support is provided through protocols developed by the Infrared Data Association (IRDA).
Because of this, they are often called IRDA devices. These devices can be used to share files and printers with other IRDA-device capable systems. The software which handles IRDA devices in Windows 2000 contains an unchecked buffer in the code which handles certain IRDA packets.
A security vulnerability results because it is possible for a malicious user to send a specially crafted IRDA packet
to the victim's system. This could enable the attacker to conduct a buffer overflow attack and cause an access violation on the system, forcing a reboot. To be best of our knowledge, it cannot be used to run malicious code on the user's system
Mitigating Factors:
====================
- The attack would require that an attacker's machine be within
range of the victim's IRDA device, usually within arm's length.
- The attack would require that an attacker's machine's IRDA port
have either a direct line of sight to the victim's machine, or
be able to transmit the IRDA packets through reflection directly
to the victim's IRDA port.
- To the best of our knowledge, this cannot be used to run
malicious code on the user's system.