Microsoft Windows NT and Windows 2000 malformed RPC request denial of service
| winnt-malformed-rpc-dos (7528) |  Medium Risk |
Description:
Microsoft Windows NT and Windows 2000 are vulnerable to a denial of service attack, caused by an input validation error in the handling of RPC requests. An attacker could send a specially-crafted RPC request to the server to cause the server to crash. The server must be restarted to regain normal functionality.
Platforms Affected:
- Microsoft, Windows 2000
- Microsoft, Windows 2003 Server
- Microsoft, Windows NT 4.0
Remedy:
Apply the appropriate patch for your system, as listed in Microsoft Security Bulletin MS01-041. See References.
For Windows NT:
Microsoft originally provided a patch for this vulnerability in MS01-041, but it has been superseded by the patch released with MS02-018. See References.
Consequences:
Denial of Service
References:
- BindView RAZOR Security Advisory, July 30, 2001, Multiple Remote DoS vulnerabilities in DCE/RPC deamons at http://razor.bindview.com/publish/advisories/adv_DCE-RPC_DoS.html.
- CIAC Information Bulletin L-126, Microsoft Remote Procedure Call (RPC) Server Vulnerability at http://www.ciac.org/ciac/bulletins/l-126.shtml.
- Microsoft Security Bulletin MS01-041, Malformed RPC Request Can Cause Service Failure at http://www.microsoft.com/technet/security/bulletin/ms01-041.mspx.
- Microsoft Security Bulletin MS02-018, Cumulative Patch for Internet Information Services (Q319733) at http://www.microsoft.com/technet/security/bulletin/ms02-018.mspx.
- BID-3104: Microsoft Remote Procedure Call Service DoS Vulnerability
- CVE-2001-0509: Vulnerabilities in RPC servers in (1) Microsoft Exchange Server 2000 and earlier, (2) Microsoft SQL Server 2000 and earlier, (3) Windows NT 4.0, and (4) Windows 2000 allow remote attackers to cause a denial of service via malformed inputs.
Reported:
Jul 26, 2001
The information within this database may change without notice. Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. In no event shall the author/distributor (Internet Security Systems X-Force) be held liable for any damages whatsoever arising out of or in connection with the use or spread of this information.
Copyright (c) 1994-2008 Internet Security Systems, Inc. All rights reserved worldwide.
For corrections or additions please email xforce@iss.net