CERTA-2001-AVI-009

Vulnerability from certfr_avis - Published: - Updated:

A local user can, by way of a vulnerability related to network resources, block all connections on the machine to which they have access.

Description

Under Windows NT 4, a "mutex" object is used to synchronize access to system resources, preventing two separate processes from using the same resource at the same time. A vulnerability in the permissions of the object that governs network resources allows a local user to saturate that resource in order to isolate the machine from the network.

Solution

Patches (US version) are available on the Microsoft site:

Windows NT 4.0:

http://www.microsoft.com/Downloads/Release.asp?ReleaseID=27272

Windows NT 4 Terminal Server Edition:

http://www.microsoft.com/Downloads/Release.asp?ReleaseID=27291
Impacted products

Vendor | Product | Description
Microsoft | Windows | Microsoft Windows NT 4.0 Terminal Server.
Microsoft | Windows | Microsoft Windows NT 4.0 Server ;

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Microsoft Windows NT 4.0 Terminal Server.",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Microsoft Windows NT 4.0 Server ;",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Description\n\nSous Windows NT 4, un objet \u00abmutex\u00bb permet de synchroniser l\u0027acc\u00e8s aux\nressources syst\u00e8me pour emp\u00eacher deux processus distincts d\u0027utiliser\nsimultan\u00e9ment la m\u00eame ressource. Une vuln\u00e9rabilit\u00e9 dans les permissions\nde l\u0027objet charg\u00e9 des ressources r\u00e9seau permet \u00e0 un utilisateur local de\nsaturer cette ressource afin d\u0027isoler la machine du r\u00e9seau.\n\n## Solution\n\nCorrectifs (version US) disponibles sur le site Microsoft :  \n  \n\nWindows NT 4.0 :\n\n    http://www.microsoft.com/Downloads/Release.asp?ReleaseID=27272\n\n  \n  \n\nWindows NT 4 Terminal Server Edition :\n\n    http://www.microsoft.com/Downloads/Release.asp?ReleaseID=27291\n",
  "cves": [],
  "links": [
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft :",
      "url": "http://www.microsoft.com/technet/security/bulletin/ms01-003.asp"
    }
  ],
  "reference": "CERTA-2001-AVI-009",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2001-01-30T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service"
    }
  ],
  "summary": "Un utilisateur local peut, par le biais d\u0027une vuln\u00e9rabilit\u00e9 li\u00e9e aux\nressources r\u00e9seau, bloquer toute connexion sur la machine \u00e0 laquelle il\na acc\u00e8s.\n",
  "title": "Vuln\u00e9rabilit\u00e9 dans les permissions d\u0027acc\u00e8s sous Windows NT 4",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft MS01-003",
      "url": null
    }
  ]
}

