Follow:

Vulnerability:Win/MSRPC.NRPC.DoS!CVE-2010-2742

Severity rating
Important

Class/Type
Vulnerability

Discovered date
2010-12-14T14:37:54

Attack vector
Remote

Authentication required
Yes

Public exploits available
No

Signature detection
Medium



On this page




Description

There is a remote authenticated vulnerability in the NETAPI RPC interface that can lead to a denial-of-service (reboot) on the domain controller.



Impact

An attacker could try to exploit the vulnerability by sending a specially crafted message to an affected system.



Technical details (analysis)

On Microsoft Windows 2000, Windows XP, and Windows Server 2003 systems, any anonymous user with access to the target network could deliver a specially crafted network packet to the affected system in order to exploit this vulnerability. On Windows Vista and Windows Server 2008 systems, however, only an authenticated user with access to the target network could deliver a specially crafted network packet to the affected system in order to exploit this vulnerability.



Affected software

Windows Server 2003 Service Pack 2
Windows Server 2003 x64 Edition Service Pack 2
Windows Server 2003 with SP2 for Itanium-based Systems
Windows Server 2008 for 32-bit Systems
Windows Server 2008 for 32-bit Systems Service Pack 2
Windows Server 2008 for x64-based Systems
Windows Server 2008 for x64-based Systems Service Pack 2
Windows Server 2008 for Itanium-based Systems
Windows Server 2008 for Itanium-based Systems Service Pack 2
Windows Server 2008 R2 for x64-based Systems
Windows Server 2008 R2 for Itanium-based Systems



Non-affected software

All applications not on the affected list.



References




Solutions




NIS signature

Name: Vulnerability:Win/MSRPC.NRPC.DoS!CVE-2010-2742
Release Date: 2010-12-14T14:37:54



Known false positives

No known false positives at this time



Work-arounds

No known workarounds at this time