| VID |
26077 |
| Severity |
40 |
| Port |
139,445 |
| Protocol |
TCP |
| Class |
SMB |
| Detailed Description |
The Cumulative Update (KB828741) for Microsoft RPC/DCOM has not been applied. This cumulative security update resolves several newly discovered vulnerabilities in RPC/DCOM and includes all prior RPC/DCOM updates listed below.
* The newly-discovered vulnerabilities:
  - RPC Runtime Library Vulnerability (CAN-2003-0813): Remote Code Execution
  - RPCSS Service Vulnerability (CAN-2004-0116): Denial Of Service
  - COM Internet Services (CIS)-RPC over HTTP Vulnerability (CAN-2003-0807): Denial Of Service
  - Object Identity Vulnerability (CAN-2004-0124): Information Disclosure
* The prior security updates:
  - RPC Spoofing DoS Vulnerability: http://www.microsoft.com/technet/security/bulletin/MS98-014.mspx
  - Malformed RPC Packet DoS Vulnerability (Q272303): http://www.microsoft.com/technet/security/bulletin/MS00-066.mspx
  - RPC endpoint mapper DoS Vulnerability (Q305399): http://www.microsoft.com/technet/security/bulletin/MS00-066.mspx
  - RPC endpoint mapper DoS Vulnerability (Q331953): http://www.microsoft.com/technet/security/bulletin/MS03-010.mspx
  - RPC Interface Code Execution Vulnerability (KB823980): http://www.microsoft.com/technet/security/bulletin/MS03-026.mspx
  - RPCSS Service Code Execution Vulnerability (KB824146): http://www.microsoft.com/technet/security/bulletin/MS03-026.mspx
* Note: This check requires an account with Guest or higher privileges that can access the registry of the remote host being scanned. If these conditions are not met, the check is not performed, resulting in a false negative for all vulnerable hosts.
* References: http://www.microsoft.com/technet/security/bulletin/MS04-012.mspx
* Platforms Affected:
  - Microsoft Windows XP, SP1, 64bit Edition SP1, 64bit Edition Version 2003
  - Microsoft Windows 2000 SP2, SP3, SP4
  - Microsoft Windows NT Server 4.0 SP6a, Workstation 4.0 SP6a, TSE SP6
  - Microsoft Windows Server 2003 64bit Edition |
| Recommendation |
Apply the appropriate patch for your system, as listed in the Microsoft Security Bulletin MS04-012 at http://www.microsoft.com/technet/security/bulletin/MS04-012.mspx
-- OR --
Patches for Windows platforms are also available from the Microsoft Windows Update Web site, http://windowsupdate.microsoft.com . Windows Update detects what version of Windows you are running and offers the appropriate patch. |
| Related URL |
CVE-2003-0813,CVE-2003-0807,CVE-2004-0116,CVE-2004-0124 (CVE) |
| Related URL |
8811,10123,10127,10121 (SecurityFocus) |
| Related URL |
13426,15709,15708,15711,15811 (ISS) |
|