Named Pipes Over RPC Issue

A vulnerability exists in the way Windows NT ® 4.0 handles named pipes over the Remote Procedure Call (RPC) services. An attacker could create a denial of service situation on a Windows NT 4.0 system by opening multiple named pipe connections to RPC services and sending random data.

Issue

The underlying problem is the way that Windows NT 4.0 attempts to shut down invalid named pipe RPC connections. An attacker could exploit this problem to create a denial of service condition by opening multiple named pipe connections and sending random data. When the RPC service attempts to close the invalid connections, the service consumes all CPU resources and memory use grows considerably, which may result in the system hanging. This is a denial of service vulnerability only; there is no risk of compromise or loss of data from the attacked system.

Different attack programs may target different system services. Two of the services typically targeted are the SPOOLSS and LSASS system service processes.

Affected Products

• Windows NT Server, Enterprise, Terminal Server and Workstation 4.0

Solution

Users should upgrade to the lastest version of Windows NT service pack which includes the required patches.

Further Details

Source: Microsoft Corporation

Reference: Microsoft Corporation

Updated: November 20, 1998

>> Recommended Download - secure your PC from spyware, adware and malware now with Spyware Doctor <<