CVE-2004-1305

Name of the Vulnerable Software and Affected Versions: Windows NT Windows 2000 through SP4 Windows XP through SP1 Windows 2003

Description: The issue allows remote attackers to cause a denial of service. This can be achieved by setting the frame number to zero, which causes an invalid memory address to be used and leads to a kernel crash. Alternatively, setting the rate number to zero leads to resource exhaustion and hang.

Recommendations: For Windows NT, consider applying configuration changes to restrict access to the ANI capability until a fix is available. For Windows 2000 through SP4, update to a newer service pack to resolve the issue. For Windows XP through SP1, update to a newer service pack to resolve the issue. For Windows 2003, consider restricting access to the ANI capability as a temporary workaround until a patch is available.