The vulnerability of DCE/RPC DNS software for communicating with Samba network drives relates to default access rights settings, allowing a perpetrator to cause service failure.

The vulnerability of the DCE/RPC DNS software component for communicating with Samba network drives is related to an error in the RPC dnsserver communication channel, which allows for changes to DNS records and zones. Exploiting this vulnerability can enable a remote attacker to cause service...

The vulnerability in the DCE-RPC interaction interface of Siemens’ software and hardware infrastructure allows a perpetrator to trigger a service failure.

The vulnerability of the DCE-RPC interaction interface of Siemens’ software and hardware infrastructure is related to an uncontrolled resource consumption. Exploiting this vulnerability can allow attackers to cause service failures...

PT-2020-2433 · Siemens · Profinet-Io

Name of the Vulnerable Software and Affected Versions: Profinet-IO PNIO stack versions prior to V06.00 Description: The issue is related to an uncontrolled resource consumption in the DCE-RPC interface of Siemens hardware and software. This could lead to a denial of service condition due to lack ...

samba: Client side SMB2/3 required signing can be downgraded

A flaw was found in the way Samba initiated signed DCE/RPC connections. A man-in-the-middle attacker could use this flaw to downgrade the connection to not use signing and therefore impersonate the server...

samba: crash in dcesrv_auth_bind_ack due to missing error check

Multiple flaws were found in Samba's DCE/RPC protocol implementation. A remote, authenticated attacker could use these flaws to cause a denial of service against the Samba server high CPU load or a crash or, possibly, execute arbitrary code with the permissions of the user running Samba root. Thi...

samba: crash in dcesrv_auth_bind_ack due to missing error check

Multiple flaws were found in Samba's DCE/RPC protocol implementation. A remote, authenticated attacker could use these flaws to cause a denial of service against the Samba server high CPU load or a crash or, possibly, execute arbitrary code with the permissions of the user running Samba root. Thi...

UBUNTU-CVE-2015-5370

Samba 3.x and 4.x before 4.2.11, 4.3.x before 4.3.8, and 4.4.x before 4.4.2 does not properly implement the DCE-RPC layer, which allows remote attackers to perform protocol-downgrade attacks, cause a denial of service application crash or CPU consumption, or possibly execute arbitrary code on a...

VPN Tunnel Detection via HTTP CONNECT

Binary data 3177.prm...

Indian Government approved National Cyber Security Policy

The IT sector has become one of the most significant growth catalysts for the Indian economy. The government approved the National Cyber Security Policy that aims to create a secure computing environment in the country and build capacities to strengthen the current set up with focus on manpower...

CVE-2012-0131

Distributed Computing Environment DCE 1.8 and 1.9 on HP HP-UX B.11.11 and B.11.23 allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors...

DCE-RPC Big Endian Evasion Technique

DCE/RPC stands for "Distributed Computing Environment / Remote Procedure Calls". It is a Remote Procedure Call system that allows software to work across multiple computers, as if it were all working on the same computer. This system allows programmers to write distributed software without having...

Security Best Practice: Protect Yourself from MS-RPC and DCE-RPC Vulnerabilities

DCE/RPC stands for "Distributed Computing Environment / Remote Procedure Calls". It is a Remote Procedure Call system that allows software to work across multiple computers, as if it were all working on the same computer. This system allows programmers to write distributed software without having...

Bind Acks with Invalid Return Ports

DCE/RPC stands for Distributed Computing Environment / Remote Procedure Calls. It is a Remote Procedure Call system that allows software to work across multiple computers, as if it were all working on the same computer. This system allows programmers to write distributed software without having t...

Invalid Bind NAK Messages

DCE/RPC stands for Distributed Computing Environment / Remote Procedure Calls. It is a Remote Procedure Call system that allows software to work across multiple computers, as if it were all working on the same computer. This system allows programmers to write distributed software without having t...

CVE-2003-0746

Various Distributed Computing Environment DCE implementations, including HP OpenView, allow remote attackers to cause a denial of service process hang or termination via certain malformed inputs, as triggered by attempted exploits against the vulnerabilities CVE-2003-0352 or CVE-2003-0605, such a...

Multiple Open Software Foundation Distributed Computing Environment (DCE) implementations vulnerable to DoS

Overview A denial-of-service vulnerability exists in multiple vendor implementations of the Distributed Computing Environment. This vulnerability may allow a remote attacker to cause the service to fail. Note that this vulnerability may be triggered by attackers attempting to exploit VU568148 and...

DCE Services Enumeration

By sending a Lookup request to the portmapper TCP 135 or epmapper PIPE it was possible to enumerate the Distributed Computing Environment DCE services running on the remote port. Using this information it is possible to connect and bind to each service by sending an RPC request to the remote...