=====================================================================
                                   CERT-Renater

                        Information Note No. 2009/VULN514
_____________________________________________________________________

DATE                      : 09/12/2009

HARDWARE PLATFORM(S)      : /

OPERATING SYSTEM(S)       : Windows 2000, Windows XP, Windows Server 2003
                            running Local Security Authority Subsystem Service.

======================================================================
KB974392
http://www.microsoft.com/technet/security/Bulletin/MS09-069.mspx
______________________________________________________________________

Microsoft Security Bulletin MS09-069 - Important

Vulnerability in Local Security Authority Subsystem Service Could Allow Denial
of Service (974392)

  Published: December 08, 2009

  Version: 1.0

General Information

Executive Summary

  This security update resolves a privately reported vulnerability in
  Microsoft Windows. The vulnerability could allow a denial of service if a
  remote, authenticated attacker, while communicating through Internet
  Protocol security (IPsec), sends a specially crafted ISAKMP message to
  the Local Security Authority Subsystem Service (LSASS) on an affected
  system.

  This security update is rated Important for all supported editions of
  Microsoft Windows 2000, Windows XP, and Windows Server 2003. For more
  information, see the subsection, Affected and Non-Affected Software,
  in this section.

  The security update addresses the vulnerability by changing the way that
  LSASS handles specially crafted requests. For more information about the
  vulnerability, see the Frequently Asked Questions (FAQ) subsection for the
  specific vulnerability entry under the next section, Vulnerability
  Information.

Affected Software

  Microsoft Windows 2000 Service Pack 4
  Windows XP Service Pack 2 and Windows XP Service Pack 3
  Windows XP Professional x64 Edition Service Pack 2
  Windows Server 2003 Service Pack 2
  Windows Server 2003 x64 Edition Service Pack 2
  Windows Server 2003 with SP2 for Itanium-based Systems

Vulnerability Information

Local Security Authority Subsystem Service Resource Exhaustion Vulnerability -
CVE-2009-3675

  A denial of service vulnerability exists in Microsoft Windows due to the way
  that the Local Security Authority Subsystem Service (LSASS) improperly
  handles specially crafted ISAKMP messages communicated through IPsec.

======================================================================

          =========================================================
          CERT-Renater reference servers
          http://www.urec.fr/securite
          http://www.cru.fr/securite
          http://www.renater.fr
          =========================================================
          + CERT-RENATER          | tel : 01-53-94-20-44          +
          + 151 bd de l'Hopital   | fax : 01-53-94-20-41          +
          + 75013 Paris           | email: certsvp@renater.fr     +
          =========================================================
