Denial of Service In Microsoft's Remote Procedure Call
Several of the remote procedure call (RPC) servers associated with the services of the Microsoft systems listed above might not validate input information properly.
July 28, 2001
Reported July 26, 2001, by Microsoft.
VERSIONS AFFECTED
Microsoft Exchange Server 5.5
Microsoft Exchange 2000
Microsoft SQL Server 7.0
Microsoft SQL Server 2000
Microsoft Windows NT 4.0 Workstation, NT 4.0 Server, and NT 4.0 Server, Enterprise Edition
Microsoft Windows NT 4.0, Terminal Server Edition
Microsoft Windows 2000 Datacenter Server
DESCRIPTION
Several of the remote procedure call (RPC) servers associated with the services of the Microsoft systems listed above might not validate input information properly. In some cases, these systems might accept invalid input information that can disrupt normal processing of legitimate requests. Specific values of invalid input vary among RPC servers. A malicious attacker can exploit this vulnerability by repeatedly sending these types of invalid RPC requests and cause a Denial of Service (DoS) attack.
VENDOR RESPONSE
The vendor, Microsoft, has released security bulletin MS01-041 to address this vulnerability and recommends that users apply any of the following patches that are relevant to their system:
Microsoft Exchange Server 5.5:
http://www.microsoft.com/Downloads/Release.asp?ReleaseID=31517
Microsoft Exchange Server 2000:
http://www.microsoft.com/Downloads/Release.asp?ReleaseID=31522
Exchange Server 2000 Service Pack 1 also contains this patch.
Microsoft SQL Server 7.0:
http://www.microsoft.com/Downloads/Release.asp?ReleaseID=31645
SQL Server 7.0 Service Pack 3 also contains this patch.
SQL Server 2000:
http://www.microsoft.com/Downloads/Release.asp?ReleaseID=31644
SQL Server 2000 Service Pack 1 also contains this patch.
Microsoft Windows NT 4.0 Workstation, Windows NT 4.0 Server, and Windows NT 4.0 Server, Enterprise Edition:
Windows NT 4.0 Security Roll-up contains this patch.
Microsoft Windows NT 4.0 Server, Terminal Server Edition:
Windows NT 4.0 Security Roll-up for Terminal Server will be included in the patch (to be released shortly).
Windows 2000 Datacenter Server patches are hardware specific and available only through the OEM.
CREDIT
Discovered by Bindview’s Razor Team.