OSVDB ID: 2100

Title: Microsoft Windows RPC DCOM Interface Overflow

Info

Disclosure
Jul 16, 2003

Discovery
Unknown

Dates

Exploit
Jul 16, 2003

Solution
Unknown

Description

 Microsoft Windows platforms contain a flaw that may allow a remote attacker to execute arbitrary code. The issue is due to a flaw in the Remote Procedure Call (RPC) Distributed Component Object Model (DCOM) interface that does not properly sanitize remote requests. If an attacker sends a specially crafted message to the server, they may be able to crash the service or execute arbitrary code with SYSTEM privileges.

Classification

 Location: Remote / Network Access
Attack Type: Denial of Service, Input Manipulation
Impact: Loss of Integrity
Solution: Patch / RCS
Exploit: Exploit Public, Exploit Commercial
Disclosure: OSVDB Verified

Solution

 Currently, there are no known workarounds or upgrades to correct this issue. However, Microsoft has released a patch to address this vulnerability.

Products

Microsoft Corporation

Windows

 2000
NT 4.0
NT 4.0 Terminal Server Edition
XP
2003 Server

References

Credit
  • The Last Stage of Delirium Research Group - The Last Stage of Delirium Research Group


Direct URL: http://osvdb.org/2100