MS.RRAS.RasRpcSubmitRequest.Buffer.Overflow
Description
This indicates an attack attempt against a buffer-overflow vulnerability in the Windows RRAS service.
The vulnerability is caused by a boundary checking error when handling certain DCERPC requests. This can be exploited by attackers to execute arbitrary code via certain crafted DCERPC requests.
Affected Products
Microsoft Windows 2000
Microsoft Windows XP
Microsoft Windows Server 2003
Impact
System Compromise: Remote attackers can gain control of vulnerable systems.
Recommended Actions
Apply the patch, available from the vendor's website:
http://www.microsoft.com/technet/security/Bulletin/MS06-025.mspx
Telemetry
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |