Everyones correct
RPC sucks and still all the patched versions of Windows 2000 and XP are vulnerable.
PSSSS...., an exploit causes a buffer overflow and shows the famous read error, this could be exploited remotely to bind a shell to a port so beware, only if you know what i am saying.

best is to seal the port 139 or configure your firewall to drop certain (hmm..) packets.