COMMAND

    kernel

SYSTEMS AFFECTED

    Windows 2000Pro, Windows 98 probably other Windowses

PROBLEM

    Georgi Guninski  found following.   It is  possible a  web page or
    email message to consume all the usable client UDP sockets on  the
    computer  running  Windows.   This  leads  to  stopping client DNS
    resolution on Windows 2000  professional and stopping all  new TCP
    connections on Windows 98.  After closing the malicous application
    normal function of the system is restored though several  machines
    spontaneously rebooted.  It is  interesting to note that Linux  is
    not affected to this vulnerability as far as it was tested.

    This exploit uses java.  The idea is quite simple - create as much
    UDP   sockets   (java.net.DatagramSocket)   as   possible.   Other
    processes are prevented from creating  new UDP sockets.  The  java
    code is:

        for(i=0;i<m;i++)
        {

        try { DatagramSocket d = new DatagramSocket();v.addElement(d);}
        catch (Exception e) {System.out.println("Exhausted, i="+i);}
        }

    Demonstration:

        http://www.guninski.com/winudpdos.html

    The sample  code also  works on  W2K Server  and Advanced  Server.
    Kris  Kistler  couldn't  even   resolve  DNS  from  local   Domain
    Controller.

SOLUTION

    Microsoft was informed on 2 February 2001.