Kr0m
OSNN Veteran Addict
- Joined
- 4 Dec 2001
- Messages
- 1,392
I'll post this here as well as the news section, due to the seriousness of this vulnerability.
Apparently there was a vulnerability found in Windows 2000 and XP on October 18, 2002 that Microsoft hasn't made users aware of. I can't seem to find any info regarding this matter on the MS site.
To quote Dave Aitel at Immunitysec.com:
"The vulnerability itself is within the DCE-RPC stack of Windows 2000 and related OS's. This vulnerability allows anyone who can connect to port 135 TCP to disable the RPC service. Disabling the RPC service causes the machine to stop responding to new RPC requests, disabling almost all functionality.
Alleviation:
Block port tcp/135 from network connections. There are also configuration changes that can make you immune to this attack, but these are not completely known at this time."
More info at:
Immunity Security Vulnerability Sharing Club
and
Security Tracker
I have personally had the 'pleasure' of experiencing this DoS. The culpret sent data to port 135 on my machine which in turn caused it to reboot. This could potentially be the next Winnuke if people don't protect themselves from this vulnerability, and if Microsoft does not soon come out with some way to fix this problem without using a firewall.
Apparently there was a vulnerability found in Windows 2000 and XP on October 18, 2002 that Microsoft hasn't made users aware of. I can't seem to find any info regarding this matter on the MS site.
To quote Dave Aitel at Immunitysec.com:
"The vulnerability itself is within the DCE-RPC stack of Windows 2000 and related OS's. This vulnerability allows anyone who can connect to port 135 TCP to disable the RPC service. Disabling the RPC service causes the machine to stop responding to new RPC requests, disabling almost all functionality.
Alleviation:
Block port tcp/135 from network connections. There are also configuration changes that can make you immune to this attack, but these are not completely known at this time."
More info at:
Immunity Security Vulnerability Sharing Club
and
Security Tracker
I have personally had the 'pleasure' of experiencing this DoS. The culpret sent data to port 135 on my machine which in turn caused it to reboot. This could potentially be the next Winnuke if people don't protect themselves from this vulnerability, and if Microsoft does not soon come out with some way to fix this problem without using a firewall.