MS.Windows.RRAS.DoS
Description
This indicates an attempt to exploit a denial of service vulnerability in the RRAS service of Microsoft Windows.
The vulnerability is a result of a NULL pointer dereference error in the Routing and Remote Access Service (RRAS), which occurs when processing specially crafted requests. A remote attacker can exploit this to crash a vulnerable system, creating a denial of service condition.
Affected Products
Microsoft Windows 2000 Service Pack 4
Microsoft Windows XP Service Pack 1
Microsoft Windows XP Service Pack 2
Microsoft Windows XP Professional x64 Edition
Microsoft Windows Server 2003
Microsoft Windows Server 2003 Service Pack 1
Microsoft Windows Server 2003 (Itanium)
Microsoft Windows Server 2003 SP1 (Itanium)
Microsoft Windows Server 2003 x64 Edition
Impact
Denial of Service.
Recommended Actions
Restrict access to UDP ports 135, 137, 138, and 445, and TCP ports 135, 139, 445, and 593.
Telemetry
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |