Vulnerabilities > CVE-2005-1792 - Unspecified vulnerability in Microsoft Windows XP
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN Summary
Memory leak in Windows Management Instrumentation (WMI) service allows attackers to cause a denial of service (memory consumption and crash) by creating security contexts more quickly than they can be cleared from the RPC cache.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
OS | 4 |
Seebug
bulletinFamily | exploit |
description | BUGTRAQ ID: 13801 CVE(CAN) ID: CVE-2005-1792 Microsoft Windows是微软发布的非常流行的操作系统。 Microsoft Windows XP WMI服务的处理流程中存在问题,远程攻击者可能利用此漏洞执行拒绝服务攻击。 如果用户使用了处理Windows管理规范(WMI)服务的程序的话,就会出现这个漏洞。出现这个漏洞时生成安全上下文的速度要高于清空缓存的速度,导致远程过程调用(RPC)缓存大量增加和内存泄漏,这样应用程序和操作系统变得没有响应,必须重启Windows XP工作站才能恢复正常状态。 Microsoft Windows XP Professional SP2 Microsoft Windows XP Professional SP1 Microsoft Windows XP Professional Microsoft Windows XP Home SP2 Microsoft Windows XP Home SP1 Microsoft Windows XP Home 临时解决方法: 如果您不能立刻安装补丁或者升级,NSFOCUS建议您采取以下措施以降低威胁: * 在打开重要的应用程序或未保存的文档时不要使用用到了WMI实现的应用程序。 厂商补丁: Microsoft --------- 目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载: <a href=http://support.microsoft.com/default.aspx?scid=fh; target=_blank>http://support.microsoft.com/default.aspx?scid=fh;</a>[LN];CNTACTMS |
id | SSV:4151 |
last seen | 2017-11-19 |
modified | 2008-10-05 |
published | 2008-10-05 |
reporter | Root |
title | Microsoft Windows XP Windows管理规范拒绝服务漏洞 |
References
- http://support.microsoft.com/kb/890196
- http://support.microsoft.com/kb/890196
- http://www.networksecurity.fi/advisories/windows-wmi-rpc.html
- http://www.networksecurity.fi/advisories/windows-wmi-rpc.html
- http://www.osvdb.org/13020
- http://www.osvdb.org/13020
- http://www.securityfocus.com/bid/13801
- http://www.securityfocus.com/bid/13801