[ISN] Flaw leaves Windows open to DoS attack, Microsoft warns

From: InfoSec News (isnat_private)
Date: Fri Nov 01 2002 - 01:11:33 PST

Next message: InfoSec News: "[ISN] Root-Server Attack Traced to South Korea, U.S."

Previous message: InfoSec News: "[ISN] DOD official outlines IT challenges"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

http://www.nwfusion.com/news/2002/1031winflaw.html

By Joris Evers
IDG News Service 
10/31/02

A flaw in software code that implements a protocol for VPN makes
Windows 2000 and Windows XP systems vulnerable to denial-of-service
attacks, Microsoft warned late Wednesday.

An unchecked buffer exists in the code that implements the
Point-to-Point Tunneling Protocol (PPTP), a protocol that enables
users to create and use VPNs that is natively supported by Windows
2000 and Windows XP, Microsoft said in security bulletin MS02-063. The
software maker deems the issue "critical."

PPTP is an option in Routing and Remote Access Services in server
versions of Windows 2000 and Windows XP, and part of the Remote Access
Client in workstation versions. Systems are only at risk if PPTP has
been enabled, Microsoft said.

Both server and client systems are at risk, though an attack on a
client would be more difficult as it typically changes its IP address
every time a connection is setup, Microsoft said. An attacker could
cause a vulnerable system to fail by sending malformed PPTP control
data to the system, Microsoft said.

A patch to fix the problem is available from Microsoft's TechNet Web
site. Administrators offering PPTP services should install it
immediately, and users of remote access using PPTP should consider
installing the patch, the Redmond, Wash., software maker said.

Microsoft warned of another, "moderate," security issue affecting
Windows 2000 in a separate security bulletin issued Wednesday.

The default permission settings for the software provide users in the
"Everyone" group full access to the system root folder. An attacker
could mount a Trojan horse attack against users on the same system by
placing a program in the root and having that run when another user
signs on, Microsoft said. Administrators should consider changing
access permissions on the Windows 2000 root directory, Microsoft said.



-
ISN is currently hosted by Attrition.org

To unsubscribe email majordomoat_private with 'unsubscribe isn'
in the BODY of the mail.

Next message: InfoSec News: "[ISN] Root-Server Attack Traced to South Korea, U.S."
Previous message: InfoSec News: "[ISN] DOD official outlines IT challenges"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Fri Nov 01 2002 - 03:52:27 PST