===================================================================== CERT-Renater Note d'Information No. 2005/VULN614 _____________________________________________________________________ DATE : 12/10/2005 HARDWARE PLATFORM(S) : / OPERATING SYSTEM(S) : Windows 2000, Windows XP, Windows Server 2003. ====================================================================== MS05-045 - Vulnerability in Network Connection Manager Could Allow Denial of Service (905414) - Affected Software: - Windows 2000 Service Pack 4 - Windows XP Service Pack 1 - Windows XP Service Pack 2 - Windows Server 2003 - Windows Server 2003 Service Pack 1 - Impact: Remote Code Execution - Version Number: 1.0 Full MS05-045 advisory: http://www.microsoft.com/technet/security/bulletin/MS05-045.mspx Vulnerability Details: Network Connection Manager Vulnerability - CAN-2005-2307: A denial of service vulnerability exists that could allow an attacker to send a specially crafted network packet to an affected system. An attacker who successfully exploited this vulnerability could cause the component responsible for managing network and remote access connections to stop responding. If the affected component is stopped due to an attack, it will automatically restart when new requests are received. ====================================================================== ========================================================= Les serveurs de référence du CERT-Renater http://www.urec.fr/securite http://www.cru.fr/securite http://www.renater.fr ========================================================= + CERT-RENATER | tel : 01-53-94-20-44 + + 151 bd de l'Hopital | fax : 01-53-94-20-41 + + 75013 Paris | email: certsvp@renater.fr + =========================================================