MS-RPC: Microsoft Windows Invalid NetDDE Service
This signature detects attempts to exploit a known vulnerability against Microsoft Windows NetDDE Service RPC Interface. A successful attack can lead to arbitrary code execution.
Extended Description
Buffer overflow in the Routing and Remote Access service (RRAS) in Microsoft Windows 2000 SP4, XP SP1 and SP2, and Server 2003 SP1 and earlier allows remote unauthenticated or authenticated attackers to execute arbitrary code via certain crafted "RPC related requests," aka the "RRAS Memory Corruption Vulnerability."
Affected Products
Microsoft windows_2000
Short Name
MS-RPC:INV:NETDDE-SVC
Severity
Major
Recommended
False
Recommended Action
Drop
Category
MS-RPC
Keywords
CVE-2006-2370 Invalid Microsoft NetDDE Service Windows bid:18325
Release Date
04/22/2010
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3761
False Positive
Unknown
Vendors
Microsoft
CVSS Score
7.5