Vulnerabilities > CVE-2001-0543 - Memory Leak vulnerability in Microsoft Exchange Server, Windows 2000 and Windows NT

CVSS 5.0 - MEDIUM

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

NONE

Availability impact

PARTIAL

network

low complexity

microsoft

CWE-401

NVD

Published: 2001-09-20

Updated: 2020-04-02

Summary

Memory leak in NNTP service in Windows NT 4.0 and Windows 2000 allows remote attackers to cause a denial of service (memory exhaustion) via a large number of malformed posts.

Vulnerable Configurations

Part	Description	Count
Application	Microsoft Microsoft Exchange Server 2000	1
OS	Microsoft Microsoft Windows 2000 * Microsoft Windows NT 4.0	2

Common Weakness Enumeration (CWE)

CWE-401 - Improper Release of Memory Before Removing Last Reference ('Memory Leak')

Oval

accepted

2011-05-16T04:02:45.224-04:00

class

vulnerability

contributors

name Christine Walzer
organization The MITRE Corporation
name Shane Shaffer
organization G2, Inc.
name Sudhir Gandhe
organization Telos
name Shane Shaffer
organization G2, Inc.

description

Memory leak in NNTP service in Windows NT 4.0 and Windows 2000 allows remote attackers to cause a denial of service (memory exhaustion) via a large number of malformed posts.

family

windows

oval:org.mitre.oval:def:334

status

accepted

submitted

2003-09-16T12:00:00.000-04:00

title

Windows NNTP Memory Leak

version

Summary

Vulnerable Configurations

Common Weakness Enumeration (CWE)

Oval

References