Microsoft Windows 98/2000 - UDP Socket Denial of Service

EDB-ID:

20613




Platform:

Windows

Date:

2001-02-06


source: https://www.securityfocus.com/bid/2340/info

Microsoft Windows 2000 and 98 are subject to a denial of service condition. Receiving a maliciously crafted email or visiting a malicious web site could prevent Windows 2000 from DNS resolution and Windows 98 from accepting any new TCP connections. This is due to a lack of restrictions on the allocation of network "sockets" by user applications.

A malicious java applet placed on a website could exploit this vulnerability and cause a DoS on victim systems. 

for(i=0;i<m;i++)
{

try { DatagramSocket d = new DatagramSocket();v.addElement(d);}
catch (Exception e) {System.out.println("Exhausted, i="+i);}
}