Title: Microsoft UPnP Denial of Service Vulnerability
Severity: MODERATE
Description:
Universal Plug and Play, or UPnP, is a service that allows for hosts to locate and use devices on the local network. UPnP support ships with Windows XP and ME. For Windows 98 and 98SE, it is available with Windows XP's Internet Connection Sharing client.
A denial of service vulnerability exists in UPnP implementations that may allow for a remotely exploitable denial of service. When the UPnP service recieves invalid data, system performance degradation may occur on Windows 98, 98SE and ME systems. On XP systems, each request consumes a small amount of memory that is not freed. This is due to a memory leak error. It is possible to exhaust memory resources by repeatedly sending invalid UPnP data to the target XP system.
A remote attacker may be able to exploit this vulnerability if the UPnP ports can be accessed (TCP ports 1900 and 5000). The consequences of exploitation are a denial of service on the affected host. A reboot will restore functionality.
Affected Products:
- Microsoft Windows 98
- Microsoft Windows 98SE
- Microsoft Windows ME
- Microsoft Windows XP
- Microsoft Windows XP Home
- Microsoft Windows XP Professional
References:
- Microsoft: Microsoft Security Bulletin MS01-054
- Microsoft: Windows Update
Juniper Networks provides this content via a wide variety of sources and production methods. If notified of errors or omissions in the content of this page, Juniper Networks, at its discretion, will modify or remove the page or leave the content as is, depending on various factors including but not limited to the reputation and authority of the party providing the notification. Please use the contact information displayed elsewhere on this page to report any errors or omissions regarding the content on this page.
