Visit our newest sister site!
Hundreds of free aircraft flight manuals
Civilian • Historical • Military • Declassified • FREE!

TUCoPS :: Windows :: win5766.htm

Win2000 RPC Service Port 135 DoS
21th Oct 2002 [SBWID-5766]

	RPC service port 135 remote DoS


	Windows 2000


	Thanks to Dave Aitel []  founder  of  Immunity,  Inc
	[] findings :


	The vulnerability itself is within the DCE-RPC  stack  of  Windows  2000
	and related OS's. This vulnerability allows anyone who  can  connect  to
	port 135 TCP to disable the  RPC  service.  Disabling  the  RPC  service
	causes the machine to stop responding to  new  RPC  requests,  disabling
	almost all functionality.

	This is a Denial Of Service via a  null  pointer  dereference,  and  not
	exploitable to gain permissions  on  the  remote  machine.  A  proof  of
	concept is available at

	This proof of concept Linux executable is derived from SPIKE 2.7  source
	code. Simply running SPIKE 2.7's msrpcfuzz is also  known  to  replicate
	this problem.




TUCoPS is optimized to look best in Firefox® on a widescreen monitor (1440x900 or better).
Site design & layout copyright © 1986-2015 AOH