Vicious tackle on Windows 2000 print spoolers
Cheap foul against Windows 2000: a Python script, published in the Milw0rm exploit archive, uses a previously unknown vulnerability in the print spooler (Spoolsv.exe) to remotely cause a computer to crash or freeze up. Sending a specially prepared GetPrinterData request to the vulnerable computer is enough to allocate a process using extremely high amounts of memory, bringing the computer to the threshold of inoperability. The bug has been confirmed in fully patched Windows 2000 SP4 systems.
As yet there is no update to close the hole. Workarounds include deactivating the service using the services GUI, or via the command prompt (sc stop spooler and sc config spooler start= disabled), as well as restricting access to the service using a firewall.
- MS Windows spoolss GetPrinterData() 0day Memory Allocation Remote DoS Exploit, exploit at milw0rm