Microsoft Windows DTC Transaction Internet Protocol (TIP) DoS

2005-10-11T21:02:46
ID OSVDB:19903
Type osvdb
Reporter OSVDB
Modified 2005-10-11T21:02:46

Description

Vulnerability Description

Microsoft Windows has a flaw that may allow a remote attacker to cause a denial of service. The issue is due to the Transaction Internet Protocol (TIP) functionality of the Distributed Transaction Controller not properly sanitizing data sent by remote servers. With an unexpected protocol command during a reconnection request, a remote attacker can cause the MSDTC service to have an exception and exit.

Short Description

Microsoft Windows has a flaw that may allow a remote attacker to cause a denial of service. The issue is due to the Transaction Internet Protocol (TIP) functionality of the Distributed Transaction Controller not properly sanitizing data sent by remote servers. With an unexpected protocol command during a reconnection request, a remote attacker can cause the MSDTC service to have an exception and exit.

References:

Vendor Specific Advisory URL Vendor Specific Advisory URL Vendor Specific Advisory URL Security Tracker: 1015037 Secunia Advisory ID:17161 Secunia Advisory ID:17223 Secunia Advisory ID:17509 Secunia Advisory ID:17172 Related OSVDB ID: 19904 Related OSVDB ID: 19902 Other Advisory URL: http://www.idefense.com/application/poi/display?id=320&type=vulnerabilities Microsoft Security Bulletin: MS05-051 Microsoft Knowledge Base Article: 902400 Mail List Post: http://archives.neohapsis.com/archives/fulldisclosure/2005-10/0279.html Keyword: 2005006318 CVE-2005-1979