NT LsaLookupSids() DoS Vulnerability

The LsaLookupSids() function (part of the LSA API) in Windows NT 4.0, if passed an invalid argument, can be made to force the LSASS.exe process to crash. Without a functional LSA, the system will be unable to handle logons, logoffs, and most other operations involving user authentication. To restore normal operation, the affected system needs to be rebooted.


 

Privacy Statement
Copyright 2010, SecurityFocus