MS03-010: Microsoft Windows RPC Endpoint Manager Malformed Packet DoS (331953) (intrusive check)

Medium Nessus Plugin ID 11159


The remote Windows host is affected by a denial of service vulnerability.


MS Windows RPC service (RPCSS) crashes trying to dereference a NULL pointer when it receives a certain malformed request. All MS RPC-based services (i.e. a large part of MS Windows 2000+) running on the target machine are rendered inoperable.


Apply the patch referenced in the Microsoft bulletin.

See Also

Plugin Details

Severity: Medium

ID: 11159

File Name: msrpc-spike27.nasl

Version: $Revision: 1.27 $

Type: remote

Agent: windows

Family: Windows

Published: 2002/11/21

Modified: 2017/08/30

Dependencies: 17975

Risk Information

Risk Factor: Medium


Base Score: 5

Temporal Score: 4.1

Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P

Temporal Vector: CVSS2#E:F/RL:OF/RC:C

Vulnerability Information

CPE: cpe:/o:microsoft:windows

Required KB Items: Settings/ParanoidReport

Exploit Available: true

Exploit Ease: Exploits are available

Vulnerability Publication Date: 2002/10/18

Reference Information

CVE: CVE-2002-1561

BID: 6005

OSVDB: 13414

MSFT: MS03-010

MSKB: 331953