McAfee > Theat Center > Vulnerability Detail Page

Timeline

10/13/2009

Vendor has provided a patch.

Description

A privilege elevation vulnerability in the Microsoft Windows Local Security Authority Subsystem Service (LSASS) may allow denial-of-service attacks. An attacker could create specially crafted anonymous NTLM authentication requests that would cause a crash in the LSASS service and subsequently would restart the computer

McAfee Product Mitigation & Recommendations

Recommendations

The vendor has released a patch to address this issue: http://www.microsoft.com/technet/security/bulletin/ms09-059.mspx

McAfee Product Mitigation

McAfee Foundstone

Signature:

(MS09-059) Local Security Authority Subsystem Service Integer Overflow Vulnerability (975467)

Signature identifier:

7205

Release date:

10/13/2009

McAfee Intrushield

Signature:

DCERPC: LSASS Integer Overflow Vulnerability

Signature identifier:

0x47604B00

Release date:

8/24/2000

First released in:

4.1.59, 5.1.29

McAfee Host IPS

Signature:

Generic Buffer Overflow Protection

Signature identifier:

428

Release date:

8/24/2000

First released in:

2.0

McAfee VirusScan Enterprise 8.0i (VSE8.0i) / Managed Virus Scan (MVS) Buffer Overflow Protection

Signature:

Generic Buffer Overflow Protection

McAfee VirusScan Enterprise 8.5i (VSE8.5i) /Total Protection for Small Business (ToPS SB) Buffer Overflow Protection

Signature:

Generic Buffer Overflow Protection

Signature:

Generic Buffer Overflow Protection

The V-Flash of October 14th will contain remedies for this issue.

Signature:

Vulnerability in Local Security Authority Subsystem Service Could Allow Denial of Service (975467)

Signature identifier:

98972

Release date:

10/14/2009

Additional Resources

(MS09-059) Local Security Authority Subsystem Service Integer Overflow Vulnerability (975467)

http://www.microsoft.com/technet/security/bulletin/ms09-059.mspx

All Information

Timeline -

10/13/2009

Vendor has provided a patch.

Description -

A privilege elevation vulnerability in the Microsoft Windows Local Security Authority Subsystem Service (LSASS) may allow denial-of-service attacks. An attacker could create specially crafted anonymous NTLM authentication requests that would cause a crash in the LSASS service and subsequently would restart the computer

McAfee Product Mitigation & Recommendations

Recommendations -

The vendor has released a patch to address this issue: http://www.microsoft.com/technet/security/bulletin/ms09-059.mspx

McAfee Product Mitigation

McAfee Foundstone

Signature:

(MS09-059) Local Security Authority Subsystem Service Integer Overflow Vulnerability (975467)

Signature identifier:

7205

Release date:

10/13/2009

McAfee Intrushield

Signature:

DCERPC: LSASS Integer Overflow Vulnerability

Signature identifier:

0x47604B00

Release date:

8/24/2000

First released in:

4.1.59, 5.1.29

McAfee Host IPS

Signature:

Generic Buffer Overflow Protection

Signature identifier:

428

Release date:

8/24/2000

First released in:

2.0

McAfee VirusScan Enterprise 8.0i (VSE8.0i) / Managed Virus Scan (MVS) Buffer Overflow Protection

Signature:

Generic Buffer Overflow Protection

McAfee VirusScan Enterprise 8.5i (VSE8.5i) /Total Protection for Small Business (ToPS SB) Buffer Overflow Protection

Signature:

Generic Buffer Overflow Protection

Signature:

Generic Buffer Overflow Protection

The V-Flash of October 14th will contain remedies for this issue.

Signature:

Vulnerability in Local Security Authority Subsystem Service Could Allow Denial of Service (975467)

Signature identifier:

98972

Release date:

10/14/2009

Additional Resources

Additional Resources -

(MS09-059) Local Security Authority Subsystem Service Integer Overflow Vulnerability (975467)

http://www.microsoft.com/technet/security/bulletin/ms09-059.mspx