US-CERT
Vulnerability Notes Database

Vulnerability Note VU#698564

Microsoft CIS and RPC over HTTP Proxy components fail to properly handle responses

Overview

A vulnerability in a Microsoft HTTP Proxy component may lead to a denial of service.

I. Description

Microsoft's COM Internet Services (CIS) and Remote Procedure Call (RPC) over HTTP Proxy contain a vulnerability that could permit an attacker to cause a denial of service. When either of these components forwards a request to the backend system, an attacker may be able to reply to the request with a specially crafted response. This could cause the vulnerable component to stop accepting future requests. This vulnerability affects the following systems:
  • Windows NT Server 4.0
  • Windows NT Server 4.0, Terminal Server Edition
  • Windows 2000
  • Windows Server 2003

II. Impact

A remote attacker may be able to stop the vulnerable component from accepting messages. This would lead to a denial of service.

III. Solution

Apply a patch from the vendor


Microsoft Security Bulletin MS04-012 contains patch information to resolve this issue.

Systems Affected

Vendor                   Status       Date Updated
Microsoft Corporation    Vulnerable   13-Apr-2004

References


http://www.microsoft.com/technet/security/bulletin/ms04-012.mspx

Credit

The Microsoft Security Bulletin thanks Qualys for reporting this vulnerability.

This document was written by Jason A Rafail.

Other Information

Date Public: 04/13/2004
Date First Published: 04/13/2004 08:19:31 PM
Date Last Updated: 04/13/2004
CERT Advisory:
CVE-ID(s): CAN-2003-0807
NVD-ID(s): CAN-2003-0807
US-CERT Technical Alerts:
Metric: 5.32
Document Revision: 9

If you have feedback, comments, or additional information about this vulnerability, please send us email.
Copyright 2004 Carnegie Mellon University