• Product Information
• Security Products Overview
• Juniper Networks ISG Series
• IDP Demo
• Product Poster & Z-Card 

Title: Microsoft Remote Procedure Call Service DoS Vulnerability

Severity: MODERATE

Description:

Remote Procedure Call (RPC) is a protocol, which allows a program to utilize the services of another program on a remote system. When a user makes a request to a remote server, a client stub is issued and is forwarded to the remote procedure. When the server receives the request, a server stub unpackages the request and sends it to a server component to fulfill the request. Once the request is fulfilled the response is packaged in a server stub, and is then sent back to the client stub for unpackaging. The response is unpackaged and is forwarded to the appropriate client component.

The interface definition is used to describe the interface to a routine or function. Each request made to a server must adhere to a specific pattern/classification of the interface definitions. The server stub will refuse any request which doesn't correspond with the interface definition.

There is an inconsistency between the interface definitions in certain RPC server stubs and the remote server's input validation code.

If certain input is validated by the interface definition, there is a chance that the target server will not properly validate the input. Thus, possibly impacting the server and other applications running on the affected host.

The RPC servers associated with system services in Exchange, SQL, Windows NT 4.0 and Windows 2000 are subject to this issue.

A restart of the target host may be required in order to gain normal functionality.

Affected Products:

• Avaya DefinityOne Media Servers
• Avaya IP600 Media Servers
• Avaya S3400 Message Application Server
• Avaya S8100 Media Servers
• Microsoft Exchange Server 2000
• Microsoft Exchange Server 2000 SP1
• Microsoft Exchange Server 5.0
• Microsoft Exchange Server 5.0 SP1
• Microsoft Exchange Server 5.0 SP2
• Microsoft Exchange Server 5.5
• Microsoft Exchange Server 5.5 SP1
• Microsoft Exchange Server 5.5 SP2
• Microsoft Exchange Server 5.5 SP3
• Microsoft Exchange Server 5.5 SP4
• Microsoft SQL Server 2000
• Microsoft SQL Server 2000 SP1
• Microsoft SQL Server 7.0
• Microsoft SQL Server 7.0 SP1
• Microsoft SQL Server 7.0 SP2
• Microsoft SQL Server 7.0 SP3
• Microsoft Windows 2000 Advanced Server
• Microsoft Windows 2000 Advanced Server SP1
• Microsoft Windows 2000 Advanced Server SP2
• Microsoft Windows 2000 Datacenter Server
• Microsoft Windows 2000 Datacenter Server SP1
• Microsoft Windows 2000 Datacenter Server SP2
• Microsoft Windows 2000 Professional
• Microsoft Windows 2000 Professional SP1
• Microsoft Windows 2000 Professional SP2
• Microsoft Windows 2000 Server
• Microsoft Windows 2000 Server SP1
• Microsoft Windows 2000 Server SP2
• Microsoft Windows 2000 Terminal Services
• Microsoft Windows 2000 Terminal Services SP1
• Microsoft Windows 2000 Terminal Services SP2
• Microsoft Windows NT 4.0
• Microsoft Windows NT 4.0 SP1
• Microsoft Windows NT 4.0 SP2
• Microsoft Windows NT 4.0 SP3
• Microsoft Windows NT 4.0 SP4
• Microsoft Windows NT 4.0 SP5
• Microsoft Windows NT 4.0 SP6
• Microsoft Windows NT 4.0 SP6a
• Microsoft Windows NT Enterprise Server 4.0
• Microsoft Windows NT Enterprise Server 4.0 SP1
• Microsoft Windows NT Enterprise Server 4.0 SP2
• Microsoft Windows NT Enterprise Server 4.0 SP3
• Microsoft Windows NT Enterprise Server 4.0 SP4
• Microsoft Windows NT Enterprise Server 4.0 SP5
• Microsoft Windows NT Enterprise Server 4.0 SP6
• Microsoft Windows NT Enterprise Server 4.0 SP6a
• Microsoft Windows NT Server 4.0
• Microsoft Windows NT Server 4.0 SP1
• Microsoft Windows NT Server 4.0 SP2
• Microsoft Windows NT Server 4.0 SP3
• Microsoft Windows NT Server 4.0 SP4
• Microsoft Windows NT Server 4.0 SP5
• Microsoft Windows NT Server 4.0 SP6
• Microsoft Windows NT Server 4.0 SP6a
• Microsoft Windows NT Terminal Server 4.0
• Microsoft Windows NT Terminal Server 4.0 SP1
• Microsoft Windows NT Terminal Server 4.0 SP2
• Microsoft Windows NT Terminal Server 4.0 SP3
• Microsoft Windows NT Terminal Server 4.0 SP4
• Microsoft Windows NT Terminal Server 4.0 SP5
• Microsoft Windows NT Terminal Server 4.0 SP6
• Microsoft Windows NT Terminal Server 4.0 SP6a
• Microsoft Windows NT Terminal Server 4.0 alpha
• Microsoft Windows NT Workstation 4.0
• Microsoft Windows NT Workstation 4.0 SP1
• Microsoft Windows NT Workstation 4.0 SP2
• Microsoft Windows NT Workstation 4.0 SP3
• Microsoft Windows NT Workstation 4.0 SP4
• Microsoft Windows NT Workstation 4.0 SP5
• Microsoft Windows NT Workstation 4.0 SP6
• Microsoft Windows NT Workstation 4.0 SP6a

References:

• Microsoft: Malformed RPC Request Can Cause Service Problems
• Microsoft: Microsoft Security Bulletin MS01-041
• Microsoft: UPDATED: Microsoft Security Bulletin MS01-041
• Microsoft: Windows NT 4.0 Post-Service Pack 6a Security Rollup Package

Juniper Networks provides this content via a wide variety of sources and production methods. If notified of errors or omissions in the content of this page, Juniper Networks, at its discretion, will modify or remove the page or leave the content as is, depending on various factors including but not limited to the reputation and authority of the party providing the notification. Please use the contact information displayed elsewhere on this page to report any errors or omissions regarding the content on this page.