MediumCheck or Attack Name: NTnprpcDoS
A vulnerability in the RPC services of Windows NT 4.0 through SP4 could allow a remote attacker to cause the machine to consume all available memory and processor resources, and eventually hang the machine. The attack is exploited by connecting to either the SPOOLSS.EXE and LSASS.EXE service over a named pipe and sending random data.
Microsoft has made the post-SP4 nprpc-fix hotfix available for Windows NT. Users are encouraged to apply this patch as soon as possible.
Microsoft Knowledge Base Article Q195733, Denial of Service in Applications Using RPC over Named Pipes, http://support.microsoft.com/support/kb/articles/q195/7/33.asp
Microsoft Knowledge Base Article Q195733, Denial of Service in Applications Using RPC over Named Pipes, http://www.microsoft.com/security/bulletins/ms98-017.asp
