SMB: Microsoft Windows RPC UPnP Memory Allocation Denial of Service
This signature detects attempts to exploit a known flaw in the Microsoft Windows Plug and Play service. A successful attack can result in a denial-of-service condition.
Extended Description
Microsoft Windows Plug and Play service is prone to a denial of service condition. This issue is caused by a malformed request to the service that causes virtual memory consumption. On Windows XP, a remote attacker must authenticate over RPC to exploit this issue using the originally described attack vector. Update: A reliable source has indicated that this issue is anonymously exploitable via named pipes or other MSRPC calls on Microsoft Windows XP SP2. This issue may be exploited by differing attack vectors than originally described by Microsoft.
Affected Products
Microsoft windows_xp_media_center_edition
Short Name
SMB:NETBIOS:WIN-RPC-UPNP-DOS
Severity
Major
Recommended
False
Recommended Action
Drop
Category
SMB
Keywords
Allocation CVE-2005-3644 Denial Memory Microsoft RPC Service UPnP Windows bid:15460 of
Release Date
08/07/2013
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3336
False Positive
Unknown
Vendors
Microsoft
CVSS Score
7.8