Vulnerabilities > CVE-2003-0528 - Unspecified vulnerability in Microsoft products
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
COMPLETE Integrity impact
COMPLETE Availability impact
COMPLETE Summary
Heap-based buffer overflow in the Distributed Component Object Model (DCOM) interface in the RPCSS Service allows remote attackers to execute arbitrary code via a malformed RPC request with a long filename parameter, a different vulnerability than CVE-2003-0352 (Blaster/Nachi) and CVE-2003-0715.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| OS | 48 |
Nessus
NASL family Windows : Microsoft Bulletins NASL id SMB_NT_MS03-026.NASL description The remote host is running a version of Windows affected by several vulnerabilities in its RPC interface and RPCSS Service, that could allow an attacker to execute arbitrary code and gain SYSTEM privileges. last seen 2020-06-01 modified 2020-06-02 plugin id 11790 published 2003-07-17 reporter This script is Copyright (C) 2003-2018 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/11790 title MS03-026 / MS03-039: Buffer Overrun In RPCSS Service Could Allow Code Execution (823980 / 824146) NASL family Backdoors NASL id SMB_LOGIN_AS_E.NASL description It was possible to log into the remote host with the login last seen 2020-06-01 modified 2020-06-02 plugin id 11839 published 2003-09-17 reporter This script is Copyright (C) 2003-2018 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/11839 title MS03-039 Exploitation Backdoor Account Detection NASL family Windows NASL id MSRPC_DCOM2.NASL description The remote host is running a version of Windows that has a flaw in its RPC interface, which may allow an attacker to execute arbitrary code and gain SYSTEM privileges. An attacker or a worm could use it to gain the control of this host. Note that this is NOT the same bug as the one described in MS03-026, which fixes the flaw exploited by the last seen 2020-06-01 modified 2020-06-02 plugin id 11835 published 2003-09-10 reporter This script is Copyright (C) 2005-2018 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/11835 title MS03-039: Microsoft RPC Interface Buffer Overrun (824146) (uncredentialed check)
Oval
accepted 2011-05-16T04:00:45.782-04:00 class vulnerability contributors name Tiffany Bergeron organization The MITRE Corporation name Shane Shaffer organization G2, Inc. name Sudhir Gandhe organization Telos name Shane Shaffer organization G2, Inc.
description Heap-based buffer overflow in the Distributed Component Object Model (DCOM) interface in the RPCSS Service allows remote attackers to execute arbitrary code via a malformed RPC request with a long filename parameter, a different vulnerability than CVE-2003-0352 (Blaster/Nachi) and CVE-2003-0715. family windows id oval:org.mitre.oval:def:127 status accepted submitted 2003-09-15T12:00:00.000-04:00 title RPCSS DCOM Buffer Overflow (Windows 2000) version 70 accepted 2011-05-16T04:02:38.527-04:00 class vulnerability contributors name Christine Walzer organization The MITRE Corporation name Sudhir Gandhe organization Telos name Shane Shaffer organization G2, Inc.
description Heap-based buffer overflow in the Distributed Component Object Model (DCOM) interface in the RPCSS Service allows remote attackers to execute arbitrary code via a malformed RPC request with a long filename parameter, a different vulnerability than CVE-2003-0352 (Blaster/Nachi) and CVE-2003-0715. family windows id oval:org.mitre.oval:def:2884 status accepted submitted 2005-01-18T12:00:00.000-04:00 title RPCSS DCOM Buffer Overflow (XP, SP1) version 69 accepted 2005-03-09T07:56:00.000-04:00 class vulnerability contributors name Christine Walzer organization The MITRE Corporation description Heap-based buffer overflow in the Distributed Component Object Model (DCOM) interface in the RPCSS Service allows remote attackers to execute arbitrary code via a malformed RPC request with a long filename parameter, a different vulnerability than CVE-2003-0352 (Blaster/Nachi) and CVE-2003-0715. family windows id oval:org.mitre.oval:def:2968 status accepted submitted 2005-01-18T12:00:00.000-04:00 title RPCSS DCOM Buffer Overflow (XP) version 65 accepted 2005-03-09T07:56:00.000-04:00 class vulnerability contributors name Christine Walzer organization The MITRE Corporation description Heap-based buffer overflow in the Distributed Component Object Model (DCOM) interface in the RPCSS Service allows remote attackers to execute arbitrary code via a malformed RPC request with a long filename parameter, a different vulnerability than CVE-2003-0352 (Blaster/Nachi) and CVE-2003-0715. family windows id oval:org.mitre.oval:def:3966 status accepted submitted 2005-01-18T12:00:00.000-04:00 title RPCSS DCOM Buffer Overflow (Server 2003) version 66
References
- http://archives.neohapsis.com/archives/vulnwatch/2003-q3/0100.html
- http://marc.info/?l=bugtraq&m=106407417011430&w=2
- http://www.cert.org/advisories/CA-2003-23.html
- http://www.kb.cert.org/vuls/id/254236
- http://www.nsfocus.com/english/homepage/research/0306.htm
- https://docs.microsoft.com/en-us/security-updates/securitybulletins/2003/ms03-039
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A127
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2884
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2968
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A3966