Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in

Microsoft Windows NT 4.0 / 2000 LPC Zone Memory Depletion DoS Vulnerability

🗓️ 01 Jul 2014 00:00:00Reported by RootType 
seebug
 seebug🔗 www.seebug.org👁 10 Views

Microsoft Windows NT 4.0 / 2000 LPC Zone Memory Depletion DoS Vulnerability. LPC allows local communication, with a potential DoS attack causing memory depletion, requiring system reboot

Code

                                                source: http://www.securityfocus.com/bid/1745/info

LPC (Local Procedure Call) is a message-passing service that allows threads and processes to communicate with each other on a local machine as opposed to RPC (Remote Procedure Call) that takes place between different hosts. LPC allocates memory from a pool specifically for message-storage into what is known as the LPC Zone. If the LPC Zone allocated memory cannot handle the volume of messages received, then memory is transferred from the kernel to the LPC Zone. Under normal circumstances, the memory should be diverted back to the kernel from the LPC Zone once it is no longer in use. However, creating a specially malformed request can cause the memory to be withheld by the LPC Zone which could eventually utilize all of the kernel's memory resources if this action was repeated.

Reboot of the system is required in order to regain normal functionality.

This vulnerability can only be launched against a machine a user can interactively log onto, therefore remote exploitation is not possible.

start porttool -s6 \BaseNamedObjects\Foo
porttool -c6 \BaseNamedObject\Foo 

http://www.exploit-db.com/sploits/20255.zip

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

Book a live demo
01 Jul 2014 00:00Current
7.1High risk
Vulners AI Score7.1
microsoft windows nt 4.0lpc zonememory depletiondos vulnerabilitylocal procedure callrebootsystemcommunicationkernelexploitation
10