securityvulns SECURITYVULNS:DOC:1210
Jan 26, 2001 - 12:00 a.m.

Security Bulletin (MS01-003)

Title: Patch Available for Winsock Mutex Vulnerability
Date: 24 January 2001
Software: Microsoft Windows NT 4.0 and Windows NT 4.0 TSE
Impact: Denial of Service
Bulletin: MS01-003

Microsoft encourages customers to review the Security Bulletin at:
http://www.microsoft.com/technet/security/bulletin/ms01-003.asp


Issue:

Like all other objects under Windows NT 4.0, mutexes (synchronization
objects that govern access to resources) have permissions associated
with them that govern how they can be accessed. However, a particular
mutex used to govern access to a
networking resource has inappropriately loose permissions. This could
enable an attacker who had the ability to run code on a local machine
to monopolize the mutex, thereby preventing any other processes from
using the resource that it controlled. This would have the effect of
preventing the machine from participating in the network.

The attacker would require interactive logon access to the affected
machine. This significantly limits the scope of the vulnerability
because, if normal security recommendations have been followed,
unprivileged users will not be granted interactive logon rights to
critical machines like servers. Unprivileged users typically are
granted interactive logon rights to workstations and terminal
servers. However, a workstation would not be a tempting target for an
attacker, because he could only use this vulnerability to deny
service to himself. The machines most likely to be affected would be
terminal servers.
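
Added example, not part of the bulletin: a Python check that reads a mutex DACL in SDDL form and lists what trustees covering ordinary interactive users may do with the object. The SDDL strings are constructed samples and the names LOOSE, TIGHT, parse_mask and broad_trustee_rights are hypothetical; the bulletin names neither the mutex nor its actual permissions.

```python
import re

# Access-mask bits from the Windows SDK headers.
SYNCHRONIZE = 0x00100000      # required to wait on (acquire) a mutex
WRITE_DAC, WRITE_OWNER = 0x00040000, 0x00080000

# SDDL two-letter rights, resolved with the generic mapping for mutex objects.
SDDL_RIGHTS = {
    "GA": 0x001F0001,                # MUTEX_ALL_ACCESS
    "GX": 0x00020000 | SYNCHRONIZE,  # STANDARD_RIGHTS_EXECUTE | SYNCHRONIZE
    "GR": 0x00020000 | 0x0001,       # STANDARD_RIGHTS_READ | query state
    "GW": 0x00020000,                # STANDARD_RIGHTS_WRITE
    "RC": 0x00020000, "SD": 0x00010000, "WD": WRITE_DAC, "WO": WRITE_OWNER,
}

# Trustees that cover ordinary, interactively logged-on users.
BROAD = {"WD": "Everyone", "S-1-1-0": "Everyone", "IU": "Interactive",
         "S-1-5-4": "Interactive", "AU": "Authenticated Users",
         "S-1-5-11": "Authenticated Users", "BU": "Users"}

# Constructed samples: the bulletin gives neither the mutex name nor its DACL.
LOOSE = "O:BAG:SYD:(A;;GA;;;SY)(A;;0x1f0001;;;WD)"
TIGHT = "O:BAG:SYD:(A;;GA;;;SY)(A;;GA;;;BA)(A;;GR;;;IU)"

def parse_mask(rights):
    """Turn an SDDL rights field (hex or two-letter codes) into a bit mask."""
    if rights.lower().startswith("0x"):
        return int(rights, 16)
    mask = 0
    for i in range(0, len(rights), 2):
        mask |= SDDL_RIGHTS[rights[i:i + 2]]  # KeyError on an unknown code
    return mask

def broad_trustee_rights(sddl):
    """(trustee, capability) pairs from allow ACEs; deny ACEs are ignored."""
    dacl = re.search(r"D:([A-Z_]*)((?:\([^()]*\))*)", sddl)
    if dacl is None:
        raise ValueError("no DACL in SDDL string")
    if "NO_ACCESS_CONTROL" in dacl.group(1):  # NULL DACL: access unrestricted
        return [("Everyone", "full access (NULL DACL)")]
    found = []
    for ace in re.findall(r"\(([^()]*)\)", dacl.group(2)):
        ace_type, _flags, rights, _obj, _inh, trustee = ace.split(";")[:6]
        if ace_type == "A" and trustee in BROAD:
            mask = parse_mask(rights)
            if mask & SYNCHRONIZE:
                found.append((BROAD[trustee], "acquire and hold"))
            if mask & (WRITE_DAC | WRITE_OWNER):
                found.append((BROAD[trustee], "change permissions"))
    return found
```

Whether a reported capability is too loose depends on the object: the samples assume a mutex that only system and administrator trustees need to take.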

Mitigating Factors:

  • The attacker would require interactive logon access to the
    affected machine.

Patch Availability:

Acknowledgment: