Reported October 12, 2004, by Microsoft

VERSIONS AFFECTED

  • Windows NT Server 4.0 Service Pack 6a (SP6a)
  • Windows NT Server 4.0 Terminal Server Edition (WTS) SP6

DESCRIPTION
A vulnerability in NT 4.0's remote procedure call (RPC) runtime library could result in a Denial of Service (DoS) condition or the leakage of active memory content.

VENDOR RESPONSE
Microsoft has released bulletin MS04-029, "Vulnerability in RPC Runtime Library Could Allow Information Disclosure and Denial of Service (873350)," to address this vulnerability and recommends that affected users apply the appropriate patch listed in the bulletin.

CREDIT
Discovered by BindView.