Microsoft Windows XP/2000/NT 4 RPC Service Denial of Service Vulnerability 3

2002-10-18T00:00:00
ID EDB-ID:21953
Type exploitdb
Reporter Rapid7
Modified 2002-10-18T00:00:00

Description

Microsoft Windows XP/2000/NT 4 RPC Service Denial of Service Vulnerability (3). CVE-2002-1561. Dos exploit for windows platform

                                        
                                            source: http://www.securityfocus.com/bid/6005/info
  
The Microsoft Windows RPC service contains a flaw that may allow a remote attacker to cause a denial of service. By sending a specifically malformed packet to TCP port 135, the RPC service will be disabled.
  
This vulnerability was originally reported to only affect Windows 2000. Microsoft has confirmed that Windows NT 4.0 and XP are also vulnerable.
  
It has been reported that installation of the provided patch will cause some problems in IIS environments. Specifically, users who are using COM+ in IIS environments may experience problems with ASP transactions.
  
A variant of this issue has been reported which allegedly affects patched systems. It is apparently possible to trigger this variant by flooding a system with malformed packets. 

https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/21953.tar.gz