[原文]ssdpsrv.exe in Windows ME allows remote attackers to cause a denial of service by sending multiple newlines in a Simple Service Discovery Protocol (SSDP) message. NOTE: multiple replies to the original post state that the problem could not be reproduced.
Currently the SecurityFocus staff are not aware of any vendor-supplied patches for this issue. If you feel we are in error or are aware of more recent information, please mail us at: firstname.lastname@example.org .
Microsoft Windows ME ssdpsrv.exe Crafted SSDP Message DoS
Remote / Network Access
Denial of Service
Loss of Availability
Microsoft Windows ME contains a flaw that may allow a remote denial of service. The issue is triggered when connecting to port 5000 and sending multiple newlines in a Simple Service Discovery Protocol (SSDP) message, which causes the 'ssdpsrv.exe' service to crash resulting in a loss of availability.
Currently, there are no known upgrades, patches, or workarounds available to correct this issue.