Vulnerabilities > CVE-2001-0546 - Denial of Service vulnerability in Microsoft ISA Server 2000
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
NONE Integrity impact
NONE Availability impact
PARTIAL Summary
Memory leak in H.323 Gatekeeper Service in Microsoft Internet Security and Acceleration (ISA) Server 2000 allows remote attackers to cause a denial of service (resource exhaustion) via a large amount of malformed H.323 data.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 1 |
Seebug
| bulletinFamily | exploit |
| description | BUGTRAQ ID: 3196 CVE(CAN) ID: CVE-2001-0546 Microsoft ISA Server中所带的一个服务:H.323 Gatekeeper存在一个拒绝服务漏洞,这 个服务支持"voice-over-IP"数据通过ISA防火墙传输。它包含一个内存泄漏问题,当发送 特定类型的畸形H.323数据时就会触发内存泄漏。如果攻击者持续发送大量的畸形数据, 就可以消耗大量的服务器内存,并使性能严重下降以至中止所有通过防火墙的通信。 Microsoft ISA Server 2000 - Microsoft Windows 2000 微软已经为此发布了一个安全公告(MS01-045)以及相应补丁程序: <a href=http://www.microsoft.com/technet/security/bulletin/MS01-045.asp target=_blank>http://www.microsoft.com/technet/security/bulletin/MS01-045.asp</a> 补丁下载: Microsoft ISA Server 2000: <a href=http://www.microsoft.com/Downloads/Release.asp?ReleaseID=32094 target=_blank>http://www.microsoft.com/Downloads/Release.asp?ReleaseID=32094</a> |
| id | SSV:3637 |
| last seen | 2017-11-19 |
| modified | 2008-07-16 |
| published | 2008-07-16 |
| reporter | Root |
| title | Microsoft ISA Server H.323 Gatekeeper内存泄漏漏洞(MS01-045) |