| VID |
26017 |
| Severity |
30 |
| Port |
139 |
| Protocol |
TCP |
| Class |
SMB |
| Detailed Description |
The hotfix (Q272303) for the "Malformed RPC Packet" problem has not been applied.
This vulnerability could allow a malicious user to cause a Denial of Service on a Windows 2000 computer. The denial of service can occur when a malicious client sends a particular malformed RPC (Remote Procedure Call) packet to the server, causing the RPC service to fail. The server must be restarted to regain normal functionality. Windows 2000 servers that are directly exposed to the Internet are at greatest risk from this vulnerability.
* Note: This check requires an account with Guest or upper privileges which can access the registry of the remote host to scan. Absence of these condition will result in the check not being performed and a False Negative for all vulnerable hosts.
* Platforms Affected:
Microsoft Windows 2000
* References:
http://www.iss.net/security_center/static/5222.php
http://www.microsoft.com/technet/security/bulletin/MS00-066.asp |
| Recommendation |
The server behind a firewall that blocks ports 135-139 and 445 will not be affected by this vulnerability from the Internet. Apply the appropriate patch for your system, as listed in Microsoft Security Bulletin MS00-066. (http://www.microsoft.com/technet/security/bulletin/MS00-066.asp)
* Note: This patch will be included in the next Service Pack for Windows 2000 -- it can be applied to a computer with or without Service Pack 1. |
| Related URL |
CVE-2000-0544 (CVE) |
| Related URL |
(SecurityFocus) |
| Related URL |
(ISS) |
|
