| VID |
26075 |
| Severity |
30 |
| Port |
139,445 |
| Protocol |
TCP |
| Class |
SMB |
| Detailed Description |
The Windows Media Services installed on the Windows host are vulnerable to a denial of service attack.
A vulnerability exists because of the way that Windows Media Station Service and Windows Media Monitor Service, components of Windows Media Services, handle TCP/IP connections. Windows Media Services is not installed by default. If a remote attacker were to send a specially-crafted sequence of TCP/IP packets to the listening port of either of these services, the service could stop responding to requests and no additional connections could be made. The service must be restarted to regain its functionality.
* References:
http://www.kb.cert.org/vuls/id/982630
http://www.securiteam.com/windowsntfocus/5PP0J00CAY.html
* Platforms Affected:
Windows Media Services 4.1
Microsoft Windows 2000 Server Service Pack 2
Microsoft Windows 2000 Server Service Pack 3
Microsoft Windows 2000 Server Service Pack 4 |
| Recommendation |
Apply the appropriate patch for your system, as listed in the Microsoft Security Bulletin MS04-008 at http://www.microsoft.com/technet/security/bulletin/ms04-008.mspx |
| Related URL |
CVE-2003-0905 (CVE) |
| Related URL |
9825 (SecurityFocus) |
| Related URL |
15038 (ISS) |
|
