• News
• Infocus
• Foundations
• Microsoft
• Unix
• IDS
• Incidents
• Virus
• Pen-Test
• Firewalls
• Columnists
• Mailing Lists
• Newsletters
• Bugtraq
• Focus on IDS
• Focus on Linux
• Focus on Microsoft
• Forensics
• Pen-test
• Security Basics
• Vuln Dev
• Vulnerabilities
• Jobs
• Job Opportunities
• Resumes
• Job Seekers
• Employers
• Tools
• RSS
• News
• Vulns
• Security Research

• info
• discussion
• exploit
• solution
• references

Microsoft Remote Procedure Call Service DoS Vulnerability

There is an inconsistency between the interface definitions in certain RPC server stubs and the remote server's input validation code.

If certain input is validated by the interface definition, there is a chance that the target server will not properly validate the input. Thus, possibly impacting the server's performance and other applications running on the affected host.

The RPC servers associated with system services in Exchange, SQL, Windows NT 4.0 and Windows 2000 are subject to this issue.