WINDOWS DCE-RPC: UUID Bind
This signature detects attempts to bind to the DCE-RPC UUID. Because the DCE-RPC UUID has many known vulnerabilities, this can indicate that an attacker is attempting to attack your network. NOTE: If your network environment has valid DCE-RPC traffic, this signature can produce false positives.
Extended Description
An Activation function in the RPCSS Service involved with DCOM activation for Microsoft Windows 2000, XP, and 2003 allows remote attackers to cause a denial of service (memory consumption) via an activation request with a large length field.
Affected Products
Microsoft windows_xp
References
CVE: CVE-2004-0116
Short Name
MS-RPC:DCE-RPC-UUID-BIND
Severity
Minor
Recommended
False
Recommended Action
None
Category
MS-RPC
Keywords
Bind CVE-2004-0116 UUID
Release Date
10/16/2003
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3761
False Positive
Unknown
Vendors
Microsoft
CVSS Score
5.0