This indicates a possible attempt to exploit an information disclosure vulnerability in some versions of Microsoft Windows.
The vulnerability can be exploited by using hardcoded named pipes which allow for NULL sessions using the svcctl interface. As a result a remote attacker can list installed or running services on an affected computer.
Microsoft Windows 2000 Advanced Server SP4
Microsoft Windows 2000 Datacenter Server SP4
Microsoft Windows 2000 Professional SP4
Microsoft Windows 2000 Server SP4
Microsoft has released patches to fix this issue. Please visit the Windows Update Center to download the patches specific to your platform.