Industry

Buffer Overrun In RPC Could Allow Code Execution

By Thomas McGuire July 16, 2003, 14:57

Serving tech enthusiasts for over 25 years.
TechSpot means tech analysis and advice you can trust.

Affected Software:
Microsoft Windows NT 4.0
Microsoft Windows NT 4.0 Terminal Services Edition
Microsoft Windows 2000
Microsoft Windows XP
Microsoft Windows Server 2003

The vulnerability results because the Windows RPC service does not properly check message inputs under certain circumstances. This particular failure affects an underlying Distributed Component Object Model (DCOM) interface, which listens on TCP/IP port 135. By sending a malformed RPC message, an attacker could cause the RPC service on a machine to fail in such a way that arbitrary code could be executed. interface with RPC on the remote machine to fail in such a way that arbitrary code could be executed.

Patch availability
Download locations for this patch

0 comments 0 likes and shares

Tech Jobs: Find the next step in your career

Related Stories

Featured on TechSpot