MS01-048: RPC Endpoint Mapper Malformed Request DoS (305399)

This script is Copyright (C) 2001-2013 Michael Scheidell


Synopsis :

The remote host is affected by a denial of service vulnerability.

Description :

The hotfix for the 'RPC Endpoint Mapper Service on NT 4 has not been
applied' problem has not been applied.

Because the endpoint mapper runs within the RPC service itself,
exploiting this vulnerability would cause the RPC service to
fail, with the attendant loss of any RPC-based services the server
offers, as well as potential loss of some COM functions. Normal
service could be restored by rebooting the server.

See also :

http://technet.microsoft.com/en-us/security/bulletin/ms01-048

Solution :

Microsoft has released a patch for Windows NT 4.0.

Risk factor :

Medium / CVSS Base Score : 5.0
(CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P)
CVSS Temporal Score : 3.7
(CVSS2#E:U/RL:OF/RC:C)
Public Exploit Available : false

Family: Windows : Microsoft Bulletins

Nessus Plugin ID: 10806 ()

Bugtraq ID: 3313

CVE ID: CVE-2001-0662