TechSpot

Buffer Overrun In RPC Could Allow Code Execution

By TS | Thomas
Jul 16, 2003
  1. Affected Software:
    Microsoft Windows NT 4.0
    Microsoft Windows NT 4.0 Terminal Services Edition
    Microsoft Windows 2000
    Microsoft Windows XP
    Microsoft Windows Server 2003

    The vulnerability results because the Windows RPC service does not properly check message inputs under certain circumstances. This particular failure affects an underlying Distributed Component Object Model (DCOM) interface, which listens on TCP/IP port 135. By sending a malformed RPC message, an attacker could cause the RPC service on a machine to fail in such a way that arbitrary code could be executed. interface with RPC on the remote machine to fail in such a way that arbitrary code could be executed.

    Patch availability
    Download locations for this patch
     
Topic Status:
Not open for further replies.

Similar Topics

Add New Comment

You need to be a member to leave a comment. Join thousands of tech enthusiasts and participate.
TechSpot Account You may also...