Detect The HTTP RPC Endpoint Mapper Network Vulnerability

Summary

This detects the http-rpc-epmap service by connecting to the port 593 and processing the buffer received. This endpoint mapper provides CIS (COM+ Internet Services) parameters like port 135 (epmap) for RPC.

Solution

Deny incoming traffic from the Internet to TCP port 593 as it may become a security threat in the future, if a vulnerability is discovered. For more information about CIS: http://msdn.microsoft.com/library/en-us/dndcom/html/cis.asp

Severity

Classification

CVSS	Base Score: 5.0 AV:N/AC:L/Au:N/C:N/I:N/A:P

Related Vulnerabilities

CA Unicenter's File Transfer Service is running
Microsoft Windows Fraudulent Digital Certificates Spoofing Vulnerability
MS Windows Fraudulent Digital Certificates Spoofing Vulnerability (2641690)
MS Windows HID Functionality(Over USB) Code Execution Vulnerability
Microsoft SMB Signing Information Disclosure Vulnerability

Detect the HTTP RPC endpoint mapper

Take action and discover your vulnerabilities