Exploit Microsoft Windows NT 4.0/2000 - LPC Zone Memory Depletion Denial of Service

Exploiter

Хакер
34,599
0
18 Дек 2022
EDB-ID
20255
Проверка EDB
  1. Пройдено
Автор
BINDVIEW'S RAZOR TEAM
Тип уязвимости
DOS
Платформа
WINDOWS
CVE
null
Дата публикации
2000-10-03
Код:
source: https://www.securityfocus.com/bid/1745/info

LPC (Local Procedure Call) is a message-passing service that allows threads and processes to communicate with each other on a local machine as opposed to RPC (Remote Procedure Call) that takes place between different hosts. LPC allocates memory from a pool specifically for message-storage into what is known as the LPC Zone. If the LPC Zone allocated memory cannot handle the volume of messages received, then memory is transferred from the kernel to the LPC Zone. Under normal circumstances, the memory should be diverted back to the kernel from the LPC Zone once it is no longer in use. However, creating a specially malformed request can cause the memory to be withheld by the LPC Zone which could eventually utilize all of the kernel's memory resources if this action was repeated.

Reboot of the system is required in order to regain normal functionality.

This vulnerability can only be launched against a machine a user can interactively log onto, therefore remote exploitation is not possible.

start porttool -s6 \BaseNamedObjects\Foo
porttool -c6 \BaseNamedObject\Foo 

https://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/20254.zip
 
Источник
www.exploit-db.com

Похожие темы