CERTA-2000-AVI-047
Vulnerability from certfr_avis

A malicious user can remotely stop the RPC service by sending it malformed packets over the network.

Description

By sending malformed RPC packets, a malicious user can remotely block the RPC services of a machine running Windows 2000. Once the service is blocked, the only way to restart it is to reboot the machine.

Temporary workaround

To protect against attacks coming from the Internet, you must have a firewall that blocks ports 135 through 139 and port 445.

Solution

Apply the Microsoft patch:

http://www.microsoft.com/Downloads/Release.asp?ReleaseID=24229

Windows 2000, all versions.



{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [],
  "affected_systems_content": "\u003cP\u003eWindows 2000 toutes versions.\u003c/P\u003e",
  "content": "## Description\n\nUn utilisateur mal intentionn\u00e9 peut, en envoyant des paquets RPC mal\nform\u00e9s, bloquer \u00e0 distance les services RPC d\u0027une machine sous Windows\n2000. Une fois le service bloqu\u00e9, la seul fa\u00e7on de le relancer est de\nred\u00e9marrer la machine.\n\n## Contournement provisoire\n\nPour se pr\u00e9munir contre les attaques provenant d\u0027Internet, vous devez\navoir un garde-barri\u00e8re (firewall) qui bloque les ports 135 \u00e0 139 et le\nport 445.\n\n## Solution\n\nAppliquer le correctif de Microsoft :\n\n    http://www.microsoft.com/Downloads/Release.asp?ReleaseID=24229\n",
  "cves": [],
  "initial_release_date": "2000-09-12T00:00:00",
  "last_revision_date": "2000-09-12T00:00:00",
  "links": [
    {
      "title": "L\u0027avis et la FAQ de l\u0027avis Microsoft :",
      "url": "http://www.microsoft.com/technet/security/bulletin/ms00-066.asp"
    }
  ],
  "reference": "CERTA-2000-AVI-047",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2000-09-12T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service"
    }
  ],
  "summary": "Un utilisateur mal intentionn\u00e9 peut arr\u00eater \u00e0 distance le service RPC en\nlui envoyant par le r\u00e9seau des paquets malform\u00e9s.\n",
  "title": "Vuln\u00e9rabilit\u00e9 de RPC sous Windows2000",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft",
      "url": null
    }
  ]
}

