Reported September 10, 2001, by Microsoft.


  • Microsoft Windows NT 4.0 Workstation

  • Microsoft Windows NT 4.0 Server

  • Microsoft Windows NT 4.0 Server, Enterprise Edition

  • Microsoft Windows NT Server 4.0, Terminal Server Edition


A vulnerability exists in NT 4.0 remote procedure call (RPC) endpoint mapper service that an attacker can use to cause a Denial of Service (DoS) condition. A problem in the service causes it to fail when an attacker sends a request that contains a particular type of malformed data.



The vendor, Microsoft, has released security bulletin MS01-048 to address this vulnerability and recommends that affected users apply the patch provided at its Web site. Microsoft will provide a patch for WTS at bulletin MS01-048 when the patch becomes available.


Discovered by Seiichi Tatsukawa of Rational Software.