Microsoft Malformed RPC Packet Buffer Overflow Vulnerability

info
discussion
exploit
solution
references

Microsoft Malformed RPC Packet Buffer Overflow Vulnerability

A denial of service vulnerability has been reported for RPC applications built using Microsoft Services for Unix Interix SDK.

This vulnerability is the result of RPC clients transmitting data in variable sized fragments. When RPC servers receive malformed fragments, the buffer overflow condition is triggered resulting in the RPC server failing to respond.