Denial of Service Condition in Microsoft Windows NT 4.0 Endpoint Mapper Service

Reported September 10, 2001, by Microsoft.


  • Microsoft Windows NT 4.0 Workstation

  • Microsoft Windows NT 4.0 Server

  • Microsoft Windows NT 4.0 Server, Enterprise Edition

  • Microsoft Windows NT Server 4.0, Terminal Server Edition


A vulnerability exists in NT 4.0 remote procedure call (RPC) endpoint mapper service that an attacker can use to cause a Denial of Service (DoS) condition. A problem in the service causes it to fail when an attacker sends a request that contains a particular type of malformed data.



The vendor, Microsoft, has released security bulletin MS01-048 to address this vulnerability and recommends that affected users apply the patch provided at its Web site. Microsoft will provide a patch for WTS at bulletin MS01-048 when the patch becomes available.


Discovered by Seiichi Tatsukawa of Rational Software.

Hide comments


  • Allowed HTML tags: <em> <strong> <blockquote> <br> <p>

Plain text

  • No HTML tags allowed.
  • Web page addresses and e-mail addresses turn into links automatically.
  • Lines and paragraphs break automatically.