Signature Detail
Short Name |
MS-RPC:SPOOLER-DLL-LOAD |
|---|---|
Severity |
High |
Recommended |
No |
Recommended Action |
Drop |
Category |
MS-RPC |
Keywords |
Spooler DLL Loader |
Release Date |
2009/06/09 |
Update Number |
1449 |
Supported Platforms |
idp-4.0+, isg-3.1.134269+, j-series-9.5+, mx-9.4+, srx-9.2+, srx-branch-9.4+, vsrx-12.1+ |
MS-RPC: Spooler DLL Loader
This signature detects attempts to exploit a known vulnerability in the Windows 2000 print spooler. A successful attack can lead to loading arbitrary DLL libraries module and arbitrary remote code execution within the context of the server.
Extended Description
Microsoft Windows is prone to a remote code-execution vulnerability that affects the Print Spooler service. A remote authenticated attacker can exploit this issue to execute arbitrary code with SYSTEM-level privileges, which can result in the complete compromise of affected computers.
Affected Products
- Avaya Messaging Application Server MM 1.1
- Avaya Messaging Application Server MM 2.0
- Avaya Messaging Application Server MM 3.0
- Avaya Messaging Application Server MM 3.1
- Avaya Messaging Application Server
- Microsoft Windows 2000 Advanced Server SP4
- Microsoft Windows 2000 Datacenter Server SP4
- Microsoft Windows 2000 Professional SP4
- Microsoft Windows 2000 Server SP4
- Microsoft Windows Server 2003 SP2
- Microsoft Windows Server 2003 Itanium SP2
- Microsoft Windows Server 2003 x64 SP2
- Microsoft Windows Server 2008 for 32-bit Systems SP2
- Microsoft Windows Server 2008 for 32-bit Systems
- Microsoft Windows Server 2008 for Itanium-based Systems SP2
- Microsoft Windows Server 2008 for Itanium-based Systems
- Microsoft Windows Server 2008 for x64-based Systems SP2
- Microsoft Windows Server 2008 for x64-based Systems
- Microsoft Windows Vista Business
- Microsoft Windows Vista Business SP1
- Microsoft Windows Vista Business SP2
- Microsoft Windows Vista Enterprise
- Microsoft Windows Vista Enterprise SP1
- Microsoft Windows Vista Enterprise SP2
- Microsoft Windows Vista Home Basic
- Microsoft Windows Vista Home Basic SP1
- Microsoft Windows Vista Home Basic SP2
- Microsoft Windows Vista Home Premium
- Microsoft Windows Vista Home Premium SP1
- Microsoft Windows Vista Home Premium SP2
- Microsoft Windows Vista SP1
- Microsoft Windows Vista SP2
- Microsoft Windows Vista Ultimate
- Microsoft Windows Vista Ultimate SP1
- Microsoft Windows Vista Ultimate SP2
- Microsoft Windows Vista Business 64-bit edition SP1
- Microsoft Windows Vista Business 64-bit edition SP2
- Microsoft Windows Vista Business 64-bit edition
- Microsoft Windows Vista Enterprise 64-bit edition SP1
- Microsoft Windows Vista Enterprise 64-bit edition SP2
- Microsoft Windows Vista Enterprise 64-bit edition
- Microsoft Windows Vista Home Basic 64-bit edition SP1
- Microsoft Windows Vista Home Basic 64-bit edition SP2
- Microsoft Windows Vista Home Basic 64-bit edition
- Microsoft Windows Vista Home Premium 64-bit edition SP1
- Microsoft Windows Vista Home Premium 64-bit edition SP2
- Microsoft Windows Vista Home Premium 64-bit edition
- Microsoft Windows Vista Ultimate 64-bit edition SP1
- Microsoft Windows Vista Ultimate 64-bit edition SP2
- Microsoft Windows Vista Ultimate 64-bit edition
- Microsoft Windows Vista x64 Edition SP1
- Microsoft Windows Vista x64 Edition SP2
- Microsoft Windows Vista x64 Edition
- Microsoft Windows XP Home SP2
- Microsoft Windows XP Home SP3
- Microsoft Windows XP Media Center Edition SP2
- Microsoft Windows XP Media Center Edition SP3
- Microsoft Windows XP Professional SP2
- Microsoft Windows XP Professional SP3
- Microsoft Windows XP Professional x64 Edition SP2
- Microsoft Windows XP Tablet PC Edition SP2
- Microsoft Windows XP Tablet PC Edition SP3
- Nortel Networks Communication Control Toolkit
- Nortel Networks Contact Center Administration
- Nortel Networks Contact Center Administration CCMA 6.0
- Nortel Networks Contact Center Multimedia
- Nortel Networks Contact Center - TAPI Server
- Nortel Networks LinkPlexer 6.0
- Nortel Networks Self-Service - CCSS7
- Nortel Networks Self-Service CCXML
- Nortel Networks Self-Service Media Processing Server
- Nortel Networks Self-Service MPS 100
- Nortel Networks Self-Service MPS 1000
- Nortel Networks Self-Service MPS 500
- Nortel Networks Self-Service Peri Application
- Nortel Networks Self-Service - Peri Application Rel 3.0
- Nortel Networks Self-Service Peri Workstation
- Nortel Networks Self-Service Speech Server
- Nortel Networks Self Service VoiceXML
- Nortel Networks Self-Service WVADS
- Nortel Networks Symposium Agent
- Nortel Networks Symposium Express Call Center (SECC)
- Nortel Networks Symposium TAPI Service Provider
References
- CVE: CVE-2009-0230