SkipNavigation
Home | FAQ | Contact | Privacy Policy
US-CERT
American Flag
  Vulnerability
Notes
Database

Search Vulnerability Notes

Vulnerability Notes Help Information


 
 View Notes By
  Name

ID Number

CVE Name

Date Public

Date Published

Date Updated

Severity Metric
 Other Documents
  Technical Alerts

Technical Bulletins

Alerts

Security Tips

Vulnerability Note VU#326746

Microsoft Windows RPC service vulnerable to denial of service

Overview

A vulnerability exists in Microsoft's Remote Procedure Call (RPC) implementation. A remote attacker could exploit this vulnerability to cause a denial of service. An exploit for this vulnerability is publicly available.

I. Description

Microsoft has released MS03-039 to address a vulnerability in Microsoft's Remote Procedure Call (RPC) implementation. A denial-of-service vulnerability exists in this service that can be remotely exploited. This vulnerability is not the same as the vulnerability described in CA-2003-16 (MS03-026), however, the impact is similar. An exploit for this vulnerability is publicly available. We have confirmed with Microsoft that this vulnerability only affects Windows 2000 systems.

II. Impact

A remote attacker could exploit this vulnerability to cause a denial of service. Although it has been reported that this vulnerability may be used to gain elevated privileges, according to Microsoft's testing, exploitation of this vulnerability can only cause a denial-of-service condition.

III. Solution

Microsoft has released a patch for this vulnerability in MS03-039.

Restrict Access
You may wish to block access to from outside your network perimeter, specifically by blocking access to TCP and UDP ports 135, 139, and 445. This will limit your exposure to attacks. However, blocking at the network perimeter would still allow attackers within the perimeter of your network to exploit the vulnerability. It is important to understand your network's configuration and service requirements before deciding what changes are appropriate

Systems Affected

VendorStatusDate NotifiedDate Updated
Microsoft CorporationVulnerable10-Sep-2003

References


http://www.microsoft.com/technet/security/bulletin/MS03-039.asp
http://www.xfocus.org/advisories/200307/4.html

Credit

This document was written by Damon Morda.

Other Information

Date Public:2003-07-22
Date First Published:2003-07-31
Date Last Updated:2003-09-10
CERT Advisory:CA-2003-19
CVE-ID(s):CAN-2003-0605
NVD-ID(s):CAN-2003-0605
US-CERT Technical Alerts: 
Metric:27.00
Document Revision:22

If you have feedback, comments, or additional information about this vulnerability, please send us email.
 

 
Page Corner Image
Copyright 2003 Carnegie Mellon University
Disclaimers and copyright information
Get Adobe Reader Get Adobe Reader