Malformed Security Identifier Request Vulnerability
A vulnerability exists in the LsaLookupSids function that could allow a malicious user to cause a Windows NT machine to stop responding to requests for service.
Issue
The Windows NT Local Security Authority (LSA) provides a number of functions for enumerating and manipulating security information. One of these functions, LsaLookupSids(), is used to determine the Security Identifier (SID) associated with a particular user or group name. A flaw in the implementation of this function causes it to incorrectly handle certain types of invalid arguments. If an affected call were made to this function, it would cause the LSA to crash, thereby preventing the machine from performing useful work.
An affected machine could be put back into service by rebooting, with the loss of any work that was in progress at the time. Remote attacks via this vulnerability would not be possible if NetBIOS is filtered at the firewall.
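One way to confirm the NetBIOS filtering mentioned above is to evaluate the perimeter rule list the way a first-match packet filter would. The following is an added example, not part of the original advisory or any Microsoft code. The rule format, the `Rule`, `decide` and `netbios_exposure` names and both rule sets are constructed for illustration, and the port numbers are the standard NetBIOS over TCP/IP ports, which the advisory does not list.

```python
"""Added example: check an ordered, first-match inbound rule list for NetBIOS exposure."""
from typing import NamedTuple

# NetBIOS over TCP/IP service ports (RFC 1001/1002); not listed in the advisory.
NETBIOS_SERVICES = [("udp", 137), ("udp", 138), ("tcp", 139)]


class Rule(NamedTuple):
    action: str  # "allow" or "deny"
    proto: str   # "tcp", "udp" or "any"
    lo: int      # first destination port covered
    hi: int      # last destination port covered (inclusive)


def decide(rules, proto, port, default="deny"):
    """Return the action of the first rule matching proto/port, else the default."""
    for r in rules:
        if r.proto in (proto, "any") and r.lo <= port <= r.hi:
            return r.action
    return default


def netbios_exposure(rules, default="deny"):
    """List the NetBIOS services that the rule set lets in from outside."""
    return [(p, n) for p, n in NETBIOS_SERVICES
            if decide(rules, p, n, default) == "allow"]


# Constructed rule sets (hypothetical perimeter policies, evaluated top to bottom).
FILTERED = [
    Rule("deny", "any", 137, 139),
    Rule("allow", "tcp", 80, 80),
    Rule("allow", "tcp", 1, 1023),   # broad rule, but shadowed for 137-139
]
LEAKY = [
    Rule("allow", "tcp", 1, 1023),   # matches 139/tcp before the deny below
    Rule("deny", "any", 137, 139),
    Rule("allow", "udp", 53, 53),
]

if __name__ == "__main__":
    for name, rs in (("FILTERED", FILTERED), ("LEAKY", LEAKY)):
        print(name, netbios_exposure(rs) or "NetBIOS filtered")
```

The second rule set shows the common failure: a deny for 137-139 exists, but a broader allow placed above it still exposes the session service.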
Affected Products
- Windows NT Server, Enterprise, Terminal Server and Workstation 4.0
Solution
The fix for this vulnerability is included in the patch for the "Syskey Keystream Reuse" vulnerability. Users who have already applied it do not need to take any additional action.
Further Details
Source: Microsoft Corporation
Reference: Microsoft Corporation
Updated: December 16, 1999