Security Guide for Windows - Malformed TCP/IP Print Request Vulnerability

Guides
Products
- Security Products
- Spyware Doctor
- Spyware Doctor with AntiVirus
- PC Tools AntiVirus
- PC Tools Internet Security
- PC Tools Firewall Plus
- ThreatFire
- Spam Monitor
- Utility Products
- Registry Mechanic
- Desktop Maestro
- File Recover
- Privacy Guardian
- Business Solutions
- Spyware Doctor Enterprise
- Help me choose
Download
- Security Products
- Spyware Doctor
- Spyware Doctor with AntiVirus
- PC Tools AntiVirus
- PC Tools Internet Security
- PC Tools Firewall Plus
- ThreatFire
- Spam Monitor
- Utility Products
- Registry Mechanic
- Desktop Maestro
- File Recover
- Privacy Guardian
- Business Solutions
- Spyware Doctor Enterprise
- Help me choose
Purchase
- Security Products
- Spyware Doctor
- Spyware Doctor with AntiVirus
- PC Tools AntiVirus
- PC Tools Internet Security
- ThreatFire
- Spam Monitor
- Utility Products
- Registry Mechanic
- Desktop Maestro
- File Recover
- Privacy Guardian
- Business Solutions
- Spyware Doctor Enterprise
- Help me choose
Support
- Online Support
- Lost Code
Company
- Awards
- Careers
- Community Forum
- Contact
- Labs
- News
- Partners
- Press Room
- Industry News


	Features Registry Guide Software Guide Scripting Guide Driver Guide Support Forums Newsletters Password Tool Downloads Dictionary Spyware Doctor PC Tools AntiVirus Firewall Plus


	Newsletter Receive regular Windows® updates Your privacy is ensured by our privacy policy

Security Home > Windows NT, 2000 & XP

Malformed TCP/IP Print Request Vulnerability

By sending a specially-malformed print request via the LPD Server service, a malicious user could cause the service to stop, preventing the computer from servicing some print requests. Other services may also be affected by stopping this service, including the Dynamic Host Control Protocol (DHCP) service.

Issue

TCP/IP Printing Services is an RFC 1179-compliant printing service designed for environments that use the Berkeley Remote Printing protocols, also known as LPD and LPR. (In Windows 2000, TCP/IP Printing Services are also known as Print Services for Unix). A specially-malformed print request could cause TCPSVC.EXE to crash, which would not only prevent the server from providing printing services, but also would stop several other services, most importantly DHCP. Any affected services could be put back into service by restarting them; it would not be necessary to reboot the machine.

It is important to note that TCP/IP Printing Services is different from the native Windows NT 4.0 and Windows 2000 printing services. TCP/IP Printing Services is not installed by default, and the vulnerability at hand here would not allow a malicious user to disrupt printing via the native Windows NT 4.0 and Windows 2000 printing services.

Affected Products

Windows NT/2000

Solution

Software patches are available from the following locations:

Windows 2000 Professional, Server, and Advanced Server:
http://www.microsoft.com/Downloads/Release.asp?ReleaseID=19884
Windows NT 4.0 Workstation, Server, and Server, Enterprise Edition:
Intel: http://www.microsoft.com/Downloads/Release.asp?ReleaseID=20015
Alpha: http://www.microsoft.com/Downloads/Release.asp?ReleaseID=20016
Windows NT 4.0 Server, Terminal Server Edition:
Intel: http://www.microsoft.com/Downloads/Release.asp?ReleaseID=20017
Alpha: http://www.microsoft.com/Downloads/Release.asp?ReleaseID=20103

Further Details

Source: Microsoft Corporation

Reference: Microsoft Corporation

Updated: March 30, 2000

>> Recommended Download - secure your PC from spyware, adware and malware now with Spyware Doctor <<

Search Guides

Issue

Affected Products

Solution

Further Details