Secunia

Microsoft has issued an advisory regarding multiple vulnerabilities in RPC/DCOM, where the most serious can potentially lead to a system compromise.

1) A race condition within the DCOM RPC interface when processing activation requests can be exploited by malicious people to gain SYSTEM privileges on a vulnerable system via two specially crafted activation requests initiated simultaneously.

This issue was also described in:
SA9978

2) An input validation error within the handling of RPC DCOM requests may cause the RPCSS service to consume all available memory. This can be exploited by sending a request packet with an extremely large value in the length field. Successful exploitation may lead to a Denial of Service.

3) Attackers may cause a Denial of Service by sending a specially crafted reply to messages forwarded through CIS or RPC over HTTP Proxy components.

4) Object identities are created in a way, which allows malicious people to cause applications to listen on unexpected ports. This could potentially be exploited to launch other attacks.

Solution
Apply patches manually or via Windows Update.
Further details available in Customer Area

Provided and/or discovered by
1 and 2) Riley Hassell, eEye Digital Security.
3) Qualys
4) Todd Sabin, BindView.

Changelog
Further details available in Customer Area

Original Advisory
Microsoft MS04-012:
http://www.microsoft.com/technet/security/bulletin/ms04-012.mspx

eEye Digital Security:
http://www.eeye.com/html/Research/Advisories/AD20040413A.html
http://www.eeye.com/html/Research/Advisories/AD20040413B.html

Other references
Further details available in Customer Area

Deep Links
Links available in Customer Area