Spyware Doctor
Spyware Doctor with AntiVirus
PC Tools AntiVirus
PC Tools Internet Security
PC Tools Firewall Plus
ThreatFire
Spam Monitor
Registry Mechanic
Desktop Maestro
File Recover
Privacy Guardian
Spyware Doctor Enterprise
Help me choose
Malformed RPC Request Can Cause Service Failure New
A security vulnerability exists in Windows NT 4.0, Windows 2000, SQL Server, and Exchange Server which could allow a malicious user to cause a denial of service by sending a malformed RPC request.
Issue
Several of the RPC servers associated with system services in Microsoft Exchange, SQL Server, Windows NT 4.0 and Windows 2000 do not adequately validate inputs, and in some cases will accept invalid inputs that prevent normal processing. The specific input values at issue here vary from RPC server to RPC server.
An attacker who sent such inputs to an affected RPC server could disrupt its service. The precise type of disruption would depend on the specific service, but could range in effect from minor (e.g., the service temporarily hanging) to major (e.g., the service failing in a way that would require the entire system to be restarted).
Affected Products
- Exchange Server 5.5 and 2000, SQL Server 7.0 and 2000, Windows NT 4.0 and Windows 2000
Solution
A software patch can be downloaded for the following applications:
- Exchange Server 5.5
- Exchange Server 2000 (included in SP1)
- SQL Server 7.0 (included in SP3)
- SQL Server 2000 (included in SP1)
- Windows NT 4.0 Workstation & Server
- Windows 2000 Professional & Server
Further Details
Source: Microsoft Corporation
Reference: Microsoft Corporation
Updated: July 26, 2001
>> Recommended Download - secure your PC from spyware, adware and malware now with Spyware Doctor <<
