Vulnerability Scanning Solutions, LLC.
Home
Our Process
Residential
Corporate
What We Scan For
Sample Report
Client List
Terms
Contact Us
What We Scan For
Family: Windows : Microsoft Bulletins --> Category: infos

Vulnerability in RPC Runtime Library Could Allow Information Disclosure and Denial of Service (873350) Vulnerability Scan


Vulnerability Scan Summary
Acertains if hotfix 873350 has been installed

Detailed Explanation for this Vulnerability Test

Synopsis :

It is possible to crash the remote web server or retrieve sensitive information.

Description :
The remote Windows operating system contains a bug in RPC Runtime Library.

RPC is a protocol used by Windows to provide an inter-process communication
mechanism which allows a program running on one system to access services on
another one.

A bug affecting the implementation of this protocol may allow a possible hacker
to cause it to crash, thus resulting in a crash of the whole operating system,
or to disclose random parts of the memory of the remote host.

A possible hacker may exploit this flaw to obtain sensitive information about the
remote host, by forcing it to disclose portions of memory containing passwords,
or to cause it to crash repeatedly, thus causing a denial of service for
legitimate users.

Solution :

Microsoft has released a patch for Windows NT:

http://www.microsoft.com/technet/security/bulletin/ms04-029.mspx

Threat Level:

High / CVSS Base Score : 7
(AV:R/AC:L/Au:NR/C:P/A:C/I:N/B:A)

Click HERE for more information and discussions on this network vulnerability scan.

VSS, LLC.

P.O. Box 827051

Pembroke Pines, FL 33082-7051

Vulnerability Scanning Solutions, LLC.