Reported September 11, 2000 by Microsoft

VERSIONS AFFECTED
  • Windows 2000 All Versions Including SP1

DESCRIPTION

A malicious user could cause a denial of service by sending a particular malformed RPC packet to a Windows 2000 machine. To restore services after such an attack, a reboot is required.

DEMONSTRATION

No demonstration is available.  This issue was reported by Microsoft and no known credit has been given to any other organizations.

Please note that Windows 2000 machines connected directly to the Internet are at the highest risk, while Windows 2000 machines with ports 135-139 and 445 blocked are not at risk.
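
The following is an added example, not part of the original advisory: it audits a first-match inbound filter list to confirm that ports 135-139 and 445 are actually blocked. The rule format, the `default` policy parameter, both sample rule sets, and the choice to check both TCP and UDP are assumptions made for illustration.

```python
from typing import NamedTuple

# Ports the advisory says must be blocked: 135-139 and 445.
ADVISORY_PORTS = list(range(135, 140)) + [445]
# Assumption: check both transports, since the advisory does not name one.
PROTOCOLS = ("tcp", "udp")


class Rule(NamedTuple):
    action: str  # "permit" or "deny"
    proto: str   # "tcp", "udp" or "any"
    lo: int      # first destination port covered
    hi: int      # last destination port covered


def decide(rules, proto, port, default="deny"):
    """Return the action of the first rule matching proto/port, else the default."""
    for r in rules:
        if r.proto in (proto, "any") and r.lo <= port <= r.hi:
            return r.action
    return default


def exposed_ports(rules, default="deny"):
    """List the advisory's (proto, port) pairs that the filter still permits."""
    return [(p, port) for p in PROTOCOLS for port in ADVISORY_PORTS
            if decide(rules, p, port, default) == "permit"]


# Constructed sample 1: the deny exists but an earlier broad permit shadows it.
SHADOWED = [
    Rule("permit", "tcp", 80, 80),
    Rule("permit", "tcp", 100, 200),   # matches 135-139 before the deny does
    Rule("deny", "any", 135, 139),
    Rule("deny", "tcp", 445, 445),     # UDP 445 falls through to the default
]

# Constructed sample 2: denies placed first and covering both transports.
HARDENED = [
    Rule("deny", "any", 135, 139),
    Rule("deny", "any", 445, 445),
    Rule("permit", "tcp", 80, 80),
]

if __name__ == "__main__":
    for name, rules in (("shadowed", SHADOWED), ("hardened", HARDENED)):
        gaps = exposed_ports(rules, default="permit")
        print(f"{name}: {'blocked' if not gaps else 'EXPOSED ' + str(gaps)}")
```

A rule set that merely contains a deny for these ports can still leave them reachable when rule order or the default policy lets traffic match a permit first, which is what the first sample shows.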

VENDOR RESPONSE

Microsoft has released a security advisory, MS00-066, and a patch that is available at: http://www.microsoft.com/Downloads/Release.asp?ReleaseID=24229

Microsoft has also made a FAQ available on this issue.

CREDIT
Discovered by
Microsoft