Vulnerability Note VU#417052

Microsoft RPCSS Service contains memory leak in handling of specially crafted messages

Original Release date: 14 Apr 2004 | Last revised: 14 Apr 2004


Microsoft RPCSS Service contains a memory management vulnerability that may permit a remote attacker to cause a denial-of-service situation.


The Microsoft RPCSS Service is responsible for managing Remote Procedure Call (RPC) messages and is enabled by default on many versions of Microsoft Windows. When the service receives a request from the DCOM/RPC interface to allocate memory, the size of the memory to be allocated is user-specified. A failure to check the size of the requested allocation and to reclaim discarded memory may lead to a resource exhaustion and cause a denial of service condition. The following systems are affected:

  • Windows XP
  • Windows Server 2003
  • Windows 2000

For more infomation please see Microsoft Security Bulletin MS04-012 and eEye Digital Security Advisory [AD20040413A].


A remote attacker can consume all available memory causing a denial-of-service condition.


Apply a patch from the vendor

Microsoft Security Bulletin MS04-012 contains patch information to resolve this issue.

Systems Affected (Learn More)

VendorStatusDate NotifiedDate Updated
Microsoft CorporationAffected-14 Apr 2004
If you are a vendor and your product is affected, let us know.

CVSS Metrics (Learn More)

Group Score Vector
Base N/A N/A
Temporal N/A N/A
Environmental N/A N/A



Thanks to Microsoft and eEye Digital Security for reporting this vulnerability.

This document was written by Jason A Rafail.

Other Information

  • CVE IDs: CAN-2004-0116
  • Date Public: 13 Apr 2004
  • Date First Published: 14 Apr 2004
  • Date Last Updated: 14 Apr 2004
  • Severity Metric: 3.80
  • Document Revision: 3


If you have feedback, comments, or additional information about this vulnerability, please send us email.