Wednesday, March 26, 2003
Security Flaw In ActiveSync
Posted by Ed Hansberry in "SOFTWARE" @ 03:30 PM
http://www.securityfocus.com/bid/7150/discussion/
"A problem with ActiveSync could make it possible for remote users to trigger a denial of service. It has been reported that under some circumstances, the ActiveSync wcescomm service can be forced to crash. Due to improper handling of some requests, the wcescomm process becomes unstable. This can result in the process crashing, requiring a manual restart to resume service."
As if AS needed help crashing. ;) Gory details here.
Could be worse. Anyone get a copy of "Microsoft Security Bulletin MS03-010: Flaw in RPC Endpoint Mapper Could Allow Denial of Service Attacks (331953)" in their email today? I loved this line:
:lol:
"A problem with ActiveSync could make it possible for remote users to trigger a denial of service. It has been reported that under some circumstances, the ActiveSync wcescomm service can be forced to crash. Due to improper handling of some requests, the wcescomm process becomes unstable. This can result in the process crashing, requiring a manual restart to resume service."
As if AS needed help crashing. ;) Gory details here.
Could be worse. Anyone get a copy of "Microsoft Security Bulletin MS03-010: Flaw in RPC Endpoint Mapper Could Allow Denial of Service Attacks (331953)" in their email today? I loved this line:
Quote: Although Windows NT 4.0 is affected by this vulnerability, Microsoft is unable to provide a patch for this vulnerability for Windows NT 4.0. The architectural limitations of Windows NT 4.0 do not support the changes that would be required to remove this vulnerability.
:lol:
