Public exploit available
Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2003-0352Improper Restriction of Operations within the Bounds of a Memory Buffer in Microsoft Windows 2003 Server

8 documents6 sources
Severity
7.5HIGHNVD
EPSS
90.6%
top 0.39%
CISA KEV
Not in KEV
Exploit
PoC available
Public exploit / PoC exists
Affected products
2
Microsoft Windows 2003 ServerMicrosoft Windows NT
Timeline
PublishedAug 18
Latest updateApr 29

Description

Buffer overflow in a certain DCOM interface for RPC in Microsoft Windows NT 4.0, 2000, XP, and Server 2003 allows remote attackers to execute arbitrary code via a malformed message, as exploited by the Blaster/MSblast/LovSAN and Nachi/Welchia worms.

CVSS vector

AV:N/AC:L/C:P/I:P/A:PExploitability: 10.0 | Impact: 6.4

Affected Packages2 packages

Patches

Patch: www.securityfocus.comPatch: www.securityfocus.com

🔴Vulnerability Details

3
GHSA
GHSA-gf79-rq99-fffp: Buffer overflow in a certain DCOM interface for RPC in Microsoft Windows NT 42022-04-29
CVEList
CVE-2003-0352: Buffer overflow in a certain DCOM interface for RPC in Microsoft Windows NT 42003-07-17
VulnCheck
Microsoft Windows Out-of-bounds Write2003

💥Exploits & PoCs

3
Exploit-DB
Microsoft RPC DCOM Interface - Remote Overflow (MS03-026) (Metasploit)2011-01-11
Exploit-DB
Microsoft Windows - 'RPC DCOM' Long Filename Overflow (MS03-026)2003-09-16
Exploit-DB
Microsoft Windows - DCOM RPC Interface Buffer Overrun2003-08-11

🔍Detection Rules

1
Suricata
GPL NETBIOS SMB-DS DCERPC ISystemActivator bind attempt2010-09-23
CVE-2003-0352 — Microsoft vulnerability | cvebase