• News
• Infocus
• Foundations
• Microsoft
• Unix
• IDS
• Incidents
• Virus
• Pen-Test
• Firewalls
• Columnists
• Mailing Lists
• Newsletters
• Bugtraq
• Focus on IDS
• Focus on Linux
• Focus on Microsoft
• Forensics
• Pen-test
• Security Basics
• Vuln Dev
• Vulnerabilities
• Jobs
• Job Opportunities
• Resumes
• Job Seekers
• Employers
• Tools
• RSS
• News
• Vulns
• Security Research

• info
• discussion
• exploit
• solution
• references

Microsoft Windows MSRPC SVCCTL Service Enumeration Vulnerability

Microsoft Windows is affected by a vulnerability that can allow anonymous remote attackers to enumerate installed or running services on an affected computer.

This issue may be exploited using hardcoded named pipes allowed for NULL sessions combined with svcctl interface and Microsoft Remote Procedure Call framework (MSRPC).