| VID |
26001 |
| Severity |
30 |
| Port |
135 |
| Protocol |
TCP,UDP |
| Class |
SMB |
| Detailed Description |
The hotfix for the 'RPC Endpoint Mapper can Cause RPC Service to Fail' problem has not been applied.
The RPC endpoint mapper allows RPC clients to determine the port number currently assigned to a particular RPC service. The Windows NT 4.0 endpoint mapper contains a flaw that causes it to fail upon receipt of a request that contains a particular type of malformed data.
Because the endpoint mapper runs within the RPC service itself, exploiting this vulnerability would cause the RPC service itself to fail, with the attendant loss of any RPC-based services the server offers, as well as potential loss of some COM functions. Normal service could be restored by rebooting the server.
* Note: This check requires an account with Guest or upper privileges which can access the registry of the remote host to scan. Absence of these condition will result in the check not being performed and a False Negative for all vulnerable hosts.
* References:
http://www.iss.net/security_center/static/7105.php
http://www.microsoft.com/technet/security/bulletin/MS01-048.asp
* Affected Software
Windows NT 4.0 |
| Recommendation |
Apply the patch for this vulnerability, as listed in Microsoft Security Bulletin MS01-048, http://www.microsoft.com/technet/security/bulletin/ms01-048.asp |
| Related URL |
CVE-2001-0662 (CVE) |
| Related URL |
(SecurityFocus) |
| Related URL |
(ISS) |
|
