Secunia offered a vulnerability announcement for Windows XP SP1 and Windows 2000. When a system running one of these operating systems requests a device list via RPC, the system is vulnerable to a potential Denial of Service attack.
The vulnerability announcement can be found here: http://secunia.com/advisories/17595/
Microsoft's Security Advisory is here: http://www.microsoft.com/technet/security/advisory/911052.mspx
The original write-up announcing the vulnerability is here: http://seclists.org/lists/vuln-dev/2005/Nov/0008.html
An addendum is here: http://seclists.org/lists/vuln-dev/2005/Nov/0007.html
Exploit code is in the write-up with the addendum containing a correction.