ISS X-Force Database: mssql-malformed-rpc-dos(7527): Microsoft SQL Server malformed RPC request denial of service

Microsoft SQL Server malformed RPC request denial of service

mssql-malformed-rpc-dos (7527)

Medium Risk

Description:

Microsoft SQL Server is vulnerable to a denial of service attack, caused by an input validation error in the handling of RPC requests. An attacker could send a specially-crafted RPC request to the server to cause the server to crash. The server must be restarted to regain normal functionality.

Platforms Affected:

Microsoft, SQL Server 2000
Microsoft, SQL Server 7.0
Microsoft, Windows 2003 Server

Remedy:

Apply the appropriate patch for your system, as listed in Microsoft Security Bulletin MS01-041. See References.

For Windows NT:
Microsoft originally provided a patch for this vulnerability in MS01-041, but it has been superseded by the patch released with MS02-018. See References.

Consequences:

Denial of Service

References:

BindView RAZOR Security Advisory, July 30, 2001, Multiple Remote DoS vulnerabilities in DCE/RPC deamons at http://razor.bindview.com/publish/advisories/adv_DCE-RPC_DoS.html.
CIAC Information Bulletin L-126, Microsoft Remote Procedure Call (RPC) Server Vulnerability at http://www.ciac.org/ciac/bulletins/l-126.shtml.
Microsoft Security Bulletin MS01-041, Malformed RPC Request Can Cause Service Failure at http://www.microsoft.com/technet/security/bulletin/ms01-041.mspx.
Microsoft Security Bulletin MS02-018, Cumulative Patch for Internet Information Services (Q319733) at http://www.microsoft.com/technet/security/bulletin/ms02-018.mspx.
BID-3104: Microsoft Remote Procedure Call Service DoS Vulnerability
CVE-2001-0509: Vulnerabilities in RPC servers in (1) Microsoft Exchange Server 2000 and earlier, (2) Microsoft SQL Server 2000 and earlier, (3) Windows NT 4.0, and (4) Windows 2000 allow remote attackers to cause a denial of service via malformed inputs.

Reported:

Jul 26, 2001

The information within this database may change without notice. Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. In no event shall the author/distributor (IBM Internet Security Systems X-Force) be held liable for any damages whatsoever arising out of or in connection with the use or spread of this information.

For corrections or additions please email xforce@iss.net

Return to the main page