Spyware Doctor
Spyware Doctor with AntiVirus
PC Tools AntiVirus
PC Tools Internet Security
PC Tools Firewall Plus
ThreatFire
Spam Monitor
iAntiVirus for Mac OS X
Registry Mechanic
Desktop Maestro
File Recover
Privacy Guardian
PC Tools Disk Suite
Spyware Doctor Enterprise
Help me choose
NNTP Service Contains Memory Leak New
A security vulnerability exists in the NNTP news service which could allow a remote malicious user to cause a denial of service attack by exploiting a memory leak.
Issue
The NNTP (Network News Transport Protocol) service in Windows NT 4.0, Windows 2000, and Exchange 2000 contains a memory leak in a routine that processes news postings. Each time such a posting is processed that contains a particular construction, the memory leak causes a small amount of memory to no longer be available for use. If an attacker sent a large number of posts, the server memory could be depleted to the point at which normal service would be disrupted. An affected server could be restored to normal service by stopping and starting the IISAdmin service.
Affected Products
- Windows NT 4.0/2000 Server and Exchange Server 2000
Solution
A software patch is available from the following location:
Note: Exchange 5.5 contains an NNTP service, but it is not affected by the vulnerability. Exchange 2000 does not ship a separate NNTP service; instead, if NNTP is enabled, the native Windows 2000 NNTP service is used. As a result, Exchange 2000 servers that offer NNTP services should have the Windows 2000 patch applied to them.
Further Details
Source: Microsoft Corporation
Reference: Microsoft Corporation
Updated: August 15, 2001
>> Recommended Download - secure your PC from spyware, adware and malware now with Spyware Doctor <<
