Microsoft Security Bulletin MS01-048

Yea, I know, really boring title, but hey, it's a bulletin none the less.

Malformed Request to RPC Endpoint Mapper can Cause RPC Service to Fail

Who should read this bulletin: System administrators using Microsoft® Windows NT® 4.0

Impact of vulnerability: Denial of service.

Recommendation: System administrators should apply the patch to servers that offer RPC-based services.

Affected Software: Microsoft Windows NT 4.0

The RPC endpoint mapper allows RPC clients to determine the port number currently assigned to a particular RPC service. The Windows NT 4.0 endpoint mapper contains a flaw that causes it to fail upon receipt of a request that contains a particular type of malformed data.

Because the endpoint mapper runs within the RPC service itself, exploiting this vulnerability would cause the RPC service itself to fail, with the attendant loss of any RPC-based services the server offers, as well as potential loss of some COM functions. Normal service could be restored by rebooting the server.

View Security Bulletin: Malformed Request to RPC Endpoint Mapper can Cause RPC Service to Fail

Download: Patch for Windows NT 4.0 systems

Report a problem with article
Next Article

Office XP Resource Kit Update

Previous Article

3DFiles to close down

-1 Comments - Add comment

Advertisement