Products from Double R Solutions Services from Double R Solutions News and events from Double R Solutions Contact Double R Solutions Support Double R Solutions

General Information

PC-DCE for Windows NT/2000/XP
Version 5.0.5

Release Applicability

This patch can be applied to any version of PC-DCE from 5.0.0 through 5.0.4.

New Features in This Release

No new features were added in this release.

Problems Fixed in This Release

RPC Overrun Attack
Fixed a logic error in the RPC runtime that program sends invalid packet data which causes a buffer overflow in DCE servers. After numerous attacks, the server will not respond to normal DCE requests. This buffer overflow may also affect DCE clients: If DCE clients have any open associations to a server, the overrun attack could hit that association and also cause it to overflow.

This problem affects all DCE products. The Entegrity patch fixes the buffer overflow condition and rejects invalid or improperly sized packets. This fix is required for all DCE systems.

This patch incorporates fixes for the following CERT vulnerabilities:

VU #259796
VU #568148
VU #326746
VU #377804

PC-DCE Command Line Configuration Tool
This tool, dcecfgng.exe, was not working in 5.0. It now works.

Obtaining PC-DCE 5.0.5

PC-DCE 5.0.x is no longer available. You must upgrade to at least 5.1.x. If you have not purchased version 5.1, contact the Double R Solutions DCE/DFS Sales Team.

Other Documentation

Be sure to also view the Release Notes included in the documentation download and posted on the online Documentation Library.

Applying PC-DCE 5.0.5

To upgrade to PC-DCE 5.0.5:

  1. See "Obtaining PC-DCE 5.0.5" above for download links.