Microsoft KB Archive/299796

= MS00-077: Denial-of-Service Attack on Port 1720 May Cause a Memory Leak in Conf.exe =

Article ID: 299796

Article Last Modified on 1/31/2007

-

APPLIES TO


 * Microsoft Windows 2000 Service Pack 1
 * Microsoft Windows 2000 Service Pack 2
 * Microsoft Windows 2000 Advanced Server
 * Microsoft Windows 2000 Advanced Server
 * Microsoft Windows 2000 Service Pack 1
 * Microsoft Windows 2000 Service Pack 2

-



This article was previously published under Q299796



SYMPTOMS
A port attack on port 1720, which is used by the Microsoft NetMeeting Remote Desktop Sharing (RDS) process, may cause a memory leak. When this occurs, Conf.exe consumes all available memory and 50 percent of the CPU usage.



RESOLUTION
To resolve this problem, obtain the latest service pack for Windows 2000. For additional information, click the following article number to view the article in the Microsoft Knowledge Base:

260910 How to Obtain the Latest Windows 2000 Service Pack

The English version of this fix should have the following file attributes or later:   Date       Time    Version     Size     File name 5/24/2001 01:45p  4.4.0.3385  392,976  Callcont.dll



STATUS
Microsoft has confirmed that this problem may cause a degree of security vulnerability in Microsoft Windows 2000. This problem was first corrected in Windows 2000 Service Pack 3.



MORE INFORMATION
For more information about this vulnerability, see the following Microsoft Web site:

http://www.microsoft.com/technet/security/bulletin/MS00-077.mspx

Additional query words: security_patch kbWin2000srp1 kbsecvulnerability kbsechack

Keywords: kbbug kbfix kbwin2000presp3fix kbqfe kbwin2000sp3fix kbsecurity kbhotfixserver KB299796

-

[mailto:TECHNET@MICROSOFT.COM Send feedback to Microsoft]

© Microsoft Corporation. All rights reserved.