Denial of Service in Microsoft RPC Endpoint Mapper

Reported March 26, 2003, by Microsoft.





·         Windows XP

·         Windows 2000

·         Windows NT 4.0




A new vulnerability in Microsoft's RPC endpoint mapper, which handles message exchange over TCP/IP, can result in a Denial of Service (DoS) condition. This vulnerability is a result of incorrect handling of malformed messages. An attacker can exploit this vulnerability by establishing a TCP/IP connection to the endpoint mapper process on a remote machine and transmitting a malformed message. The process on the remote machine would then fail.




Microsoft has released Security Bulletin MS03-010, "Flaw in RPC Endpoint Mapper Could Allow Denial of Service Attacks (331953)," to address this vulnerability and recommends that affected users immediately apply the patch mentioned in the bulletin.



Discovered by Jussi Jaakonaho.

TAGS: Security
Hide comments


  • Allowed HTML tags: <em> <strong> <blockquote> <br> <p>

Plain text

  • No HTML tags allowed.
  • Web page addresses and e-mail addresses turn into links automatically.
  • Lines and paragraphs break automatically.