From: Secunia Security Advisories (sec-advsecunia.com)
Date: Tue Oct 09 2007 - 17:07:07 CDT

• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

----------------------------------------------------------------------

Try a new way to discover vulnerabilities that ALREADY EXIST in your
IT infrastructure.

The Secunia NSI enables you to INSPECT, DISCOVER, and DOCUMENT
vulnerabilities in more than 4,700 different Windows applications.

Request your account, the Secunia Network Software Inspector (NSI):
http://secunia.com/network_software_inspector/

----------------------------------------------------------------------

TITLE:
Microsoft Windows RPC Authentication Denial of Service

SECUNIA ADVISORY ID:
SA27134

VERIFY ADVISORY:
http://secunia.com/advisories/27134/

CRITICAL:
Less critical

IMPACT:
DoS

WHERE:
From local network

OPERATING SYSTEM:
Microsoft Windows XP Professional
http://secunia.com/product/22/
Microsoft Windows XP Home Edition
http://secunia.com/product/16/
Microsoft Windows Vista
http://secunia.com/product/13223/
Microsoft Windows Server 2003 Web Edition
http://secunia.com/product/1176/
Microsoft Windows Server 2003 Standard Edition
http://secunia.com/product/1173/
Microsoft Windows Server 2003 Enterprise Edition
http://secunia.com/product/1174/
Microsoft Windows Server 2003 Datacenter Edition
http://secunia.com/product/1175/
Microsoft Windows Storage Server 2003
http://secunia.com/product/12399/

DESCRIPTION:
A vulnerability has been reported in Microsoft Windows, which can be
exploited by malicious people to cause a DoS (Denial of Service).

The vulnerability is caused due an error when processing RPC
authentication requests. This can be exploited to cause the system to
stop responding by sending specially crafted RPC authentication
requests to an affected system.

SOLUTION:
Apply updates.

Windows XP SP2:
http://www.microsoft.com/downloads/details.aspx?FamilyId=1fee539c-ab86-4298-b6f4-22ce31ee7b8b

Windows XP Professional x64 Edition:
http://www.microsoft.com/downloads/details.aspx?FamilyId=ac7bd100-0a03-426b-adc8-0516c602a280

Windows Server 2003 SP1/SP2:
http://www.microsoft.com/downloads/details.aspx?FamilyId=011593a0-f37e-4578-bee1-a985639b521b

Windows Server 2003 x64 Edition (optionally with SP2):
http://www.microsoft.com/downloads/details.aspx?FamilyId=e9bb8df5-f39e-4473-9d0c-e84430c7f859

Windows Server 2003 for Itanium-based Systems (SP1/SP2):
http://www.microsoft.com/downloads/details.aspx?FamilyId=492ae87c-047c-45c1-ad04-ee36352de85b

Windows Vista:
http://www.microsoft.com/downloads/details.aspx?FamilyId=ceca7f8c-7b56-48fc-8c17-87ffadf25629

Windows Vista x64 Edition:
http://www.microsoft.com/downloads/details.aspx?FamilyId=7625f5a4-2921-41ce-986d-4cc0c264135c

PROVIDED AND/OR DISCOVERED BY:
The vendor credits the Zero Day Initiative.

ORIGINAL ADVISORY:
MS07-058 (KB933729):
http://www.microsoft.com/technet/security/Bulletin/MS07-058.mspx

----------------------------------------------------------------------

About:
This Advisory was delivered by Secunia as a free service to help
everybody keeping their systems up to date against the latest
vulnerabilities.

Subscribe:
http://secunia.com/secunia_security_advisories/

Definitions: (Criticality, Where etc.)
http://secunia.com/about_secunia_advisories/

Please Note:
Secunia recommends that you verify all advisories you receive by
clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only
use those supplied by the vendor.

----------------------------------------------------------------------

Unsubscribe: Secunia Security Advisories

----------------------------------------------------------------------

• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]