![]() ![]() MS Security Bulletin outlines another critical Buffer Overrun RPC vulnerability that can be exploited via ports 135, 139, 445, 593 (or any other specifically configured RPC port). To stop the popups you'd need to filter port 135 at the firewall level or stop the messenger service. Port 135 is used by Messenger Service (not MSN Messenger) and exploited in popup net send messenger spam. Alternatively, you can upgrade/patch your OS (there is patch downloadable from Microsoft), or you can close port 135. To restore normal functionality victim has to reboot the system. RPC contains a flaw that causes it to fail upon receipt of a request that contains a particular type of malformed data. There is a RPC (a RPC's Endpoint Mapper component) vulnerability in Windows NT where a malformed request to port 135 could cause denial of service (DoS). ![]() If you have remote users who VPN into your network, you might need to open this port on the firewall to allow access to the Exchange server. Remote Procedure Call (RPC) port 135 is used in client/server applications (might be on a single machine) such as Exchange clients, the recently exploited messenger service, as well as other Windows NT/2K/XP software. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |