Revised August 11, 2003
August 1, 2003
Products Affected
|
Product |
|---|
|
BBSM 5.x and Hotspot 1.x |
Problem Description
Microsoft patch MS03-026 needs to be installed on any Building Broadband Service Manager (BBSM) server regardless of version immediately. This patch can be applied safely regardless of the service pack or BBSM patch revision history. Cisco Connection Online (CCO) now has a BBSM webpatch of this fix available. This allows customers to remotely patch their BBSM products. If MS03-026 has already been applied, it is not necessary to install this patch.
Background
BBSM now has a webpatch which is a remotely installable version of this ms hotfix available from CCO.
MS03-026 fixes a potential remote-procedure call (RPC) and Distributed Component Object Model (DCOM) exploit that affects all BBSM products and can safely be applied regardless of service pack or BBSM patch revision history.
Problem Symptoms
Problem symptoms are unknown at this time .
Workaround/Solution
Install MS03-026 from Microsoft
Block RPC interface ports at your firewall. Port 135 is used to initiate an RPC connection with a remote computer. In addition, there are other RPC interface ports that could be used by an attacker to remotely exploit this vulnerability. Blocking the following ports at the firewall will help prevent systems behind that firewall from being attacked by attempts to exploit this vulnerability
-
TCP/UDP Port 135
-
TCP/UDP Port 139
-
TCP/UDP Port 445
In addition, customers may have configured services or protocols that use RPC that might also be accessible from the Internet. Systems administrators are strongly encouraged to examine RPC ports that are exposed to the Internet and to either block these ports at their firewall, or apply the patch immediately.
For More Information
If you require further assistance, or if you have any further questions regarding this field notice, please contact the Cisco Systems Technical Assistance Center (TAC) by one of the following methods: