---------------------------------------------------------------------- Try a new way to discover vulnerabilities that ALREADY EXIST in your IT infrastructure. The Secunia NSI enables you to INSPECT, DISCOVER, and DOCUMENT vulnerabilities in more than 4,700 different Windows applications. Request your account, the Secunia Network Software Inspector (NSI): http://secunia.com/network_software_inspector/ ---------------------------------------------------------------------- TITLE: Microsoft Windows RPC Authentication Denial of Service SECUNIA ADVISORY ID: SA27134 VERIFY ADVISORY: http://secunia.com/advisories/27134/ CRITICAL: Less critical IMPACT: DoS WHERE: >From local network OPERATING SYSTEM: Microsoft Windows XP Professional http://secunia.com/product/22/ Microsoft Windows XP Home Edition http://secunia.com/product/16/ Microsoft Windows Vista http://secunia.com/product/13223/ Microsoft Windows Server 2003 Web Edition http://secunia.com/product/1176/ Microsoft Windows Server 2003 Standard Edition http://secunia.com/product/1173/ Microsoft Windows Server 2003 Enterprise Edition http://secunia.com/product/1174/ Microsoft Windows Server 2003 Datacenter Edition http://secunia.com/product/1175/ Microsoft Windows Storage Server 2003 http://secunia.com/product/12399/ DESCRIPTION: A vulnerability has been reported in Microsoft Windows, which can be exploited by malicious people to cause a DoS (Denial of Service). The vulnerability is caused due an error when processing RPC authentication requests. This can be exploited to cause the system to stop responding by sending specially crafted RPC authentication requests to an affected system. SOLUTION: Apply updates. Windows XP SP2: http://www.microsoft.com/downloads/details.aspx?FamilyId=1fee539c-ab86-4298-b6f4-22ce31ee7b8b Windows XP Professional x64 Edition: http://www.microsoft.com/downloads/details.aspx?FamilyId=ac7bd100-0a03-426b-adc8-0516c602a280 Windows Server 2003 SP1/SP2: http://www.microsoft.com/downloads/details.aspx?FamilyId=011593a0-f37e-4578-bee1-a985639b521b Windows Server 2003 x64 Edition (optionally with SP2): http://www.microsoft.com/downloads/details.aspx?FamilyId=e9bb8df5-f39e-4473-9d0c-e84430c7f859 Windows Server 2003 for Itanium-based Systems (SP1/SP2): http://www.microsoft.com/downloads/details.aspx?FamilyId=492ae87c-047c-45c1-ad04-ee36352de85b Windows Vista: http://www.microsoft.com/downloads/details.aspx?FamilyId=ceca7f8c-7b56-48fc-8c17-87ffadf25629 Windows Vista x64 Edition: http://www.microsoft.com/downloads/details.aspx?FamilyId=7625f5a4-2921-41ce-986d-4cc0c264135c PROVIDED AND/OR DISCOVERED BY: The vendor credits the Zero Day Initiative. ORIGINAL ADVISORY: MS07-058 (KB933729): http://www.microsoft.com/technet/security/Bulletin/MS07-058.mspx ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ----------------------------------------------------------------------