Today, Microsoft release new security advisory for Memory allocation denial of service attack via RPC.
The proof of concept code is publicly available but no patch yet.
Only Microsoft Windows 2000 service pack 4 and Windows XP SP1 are affected by this vulnerability.
Windows XP SP2 and Windows 2003 are not affected by this vulnerability.
Following the MS security advisory, the vulnerability could allow an attacker to levy a denial of service attack of limited duration.
For succeed exploit attack, the attacker needs valid logon credentials.
If anyone who use Windows 2000 SP4 and Windows XP SP1, need to block unnecessary ports which are recommended by MS security advisory.
If you have any more information with public POC, please contact to us.
You can find more information from following MS Security Advisory.
Nov 17th 2005
1 decade ago