PT-2010-4258 · Microsoft · Windows Server 2003+1

Andrew Bartlett

Published

2010-12-16

Updated

2019-02-26

CVE-2010-2742

CVSS v2.0

5.4

Medium

Vector

AV:N/AC:H/Au:N/C:N/I:N/A:C

Name of the Vulnerable Software and Affected Versions Microsoft Windows Server 2003 SP2 Microsoft Windows Server 2008 Gold, SP2, and R2

Description The issue concerns a denial of service (NULL pointer dereference and reboot) in the Netlogon RPC Service when the domain controller role is enabled. This can be triggered by remote attackers via a crafted RPC packet.

Recommendations For Microsoft Windows Server 2003 SP2, update to a version that includes the fix for this issue. For Microsoft Windows Server 2008 Gold, SP2, and R2, update to a version that includes the fix for this issue. As a temporary workaround, consider restricting access to the Netlogon RPC Service to minimize the risk of exploitation.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2010-2742

Affected Products

Windows Server 2003

Windows Server 2008

PT-2010-4258 · Microsoft · Windows Server 2003+1

CVE-2010-2742

Related Identifiers

Affected Products

References · 5