Juniper Networks
Solutions
Products & Services
Company
Partners
Support
Education

Signature Detail

Security Intelligence Center
Signatures
Print

Short Name

 MS-RPC:OF:SRV-SVC-1

Severity

 High

Recommended

 No

Recommended Action

 Drop

Category

 MS-RPC

Keywords

 Microsoft Server Service Overflow (1)

Release Date

 2006/02/17

Update Number

 1213

Supported Platforms

 di-5.3+, idp-4.0+, isg-3.0+, j-series-9.5+, mx-9.4+, srx-9.2+, srx-branch-9.4+, vsrx-12.1+

MS-RPC: Microsoft Server Service Overflow (1)


This signature detects attempts to exploit a known vulnerability in Microsoft Windows Server service (srvsvc). A remote attacker can send a maliciously crafted RPC requests to the problematic service; thus leading to a denial-of-service condition.

Extended Description

Microsoft Windows Plug and Play service is prone to a denial of service condition. This issue is caused by a malformed request to the service that causes virtual memory consumption. On Windows XP, a remote attacker must authenticate over RPC to exploit this issue using the originally described attack vector. Update: A reliable source has indicated that this issue is anonymously exploitable via named pipes or other MSRPC calls on Microsoft Windows XP SP2. This issue may be exploited by differing attack vectors than originally described by Microsoft.

Affected Products

  • Microsoft Windows 2000 Advanced Server SP1
  • Microsoft Windows 2000 Advanced Server SP2
  • Microsoft Windows 2000 Advanced Server SP3
  • Microsoft Windows 2000 Advanced Server SP4
  • Microsoft Windows 2000 Advanced Server
  • Microsoft Windows 2000 Datacenter Server SP1
  • Microsoft Windows 2000 Datacenter Server SP2
  • Microsoft Windows 2000 Datacenter Server SP3
  • Microsoft Windows 2000 Datacenter Server SP4
  • Microsoft Windows 2000 Datacenter Server
  • Microsoft Windows 2000 Professional SP1
  • Microsoft Windows 2000 Professional SP2
  • Microsoft Windows 2000 Professional SP3
  • Microsoft Windows 2000 Professional SP4
  • Microsoft Windows 2000 Professional
  • Microsoft Windows 2000 Server SP1
  • Microsoft Windows 2000 Server SP2
  • Microsoft Windows 2000 Server SP3
  • Microsoft Windows 2000 Server SP4
  • Microsoft Windows 2000 Server
  • Microsoft Windows XP Home SP1
  • Microsoft Windows XP Home
  • Microsoft Windows XP Media Center Edition SP1
  • Microsoft Windows XP Media Center Edition
  • Microsoft Windows XP Professional SP1
  • Microsoft Windows XP Professional
  • Microsoft Windows XP Tablet PC Edition SP1
  • Microsoft Windows XP Tablet PC Edition

References

  • BugTraq: 15460
  • CVE: CVE-2005-3644
  • CVE: CVE-2007-2446

Site Map
RSS Feeds
Careers
Accessibility
Feedback
Privacy Policy
Legal Notices
Copyright © 1999-2010 Juniper Networks, Inc. All rights reserved.
Help
|
My Account
|
Log Out