CVE-2003-0528 — Improper Restriction of Operations within the Bounds of a Memory Buffer in Microsoft Windows 2003 Server

5 documents4 sources

Severity

10.0CRITICALNVD

CNA7.5

EPSS

57.5%

top 1.84%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Microsoft Windows 2003 Server Microsoft Windows NT

Timeline

PublishedSep 17

Latest updateApr 29

Description

Heap-based buffer overflow in the Distributed Component Object Model (DCOM) interface in the RPCSS Service allows remote attackers to execute arbitrary code via a malformed RPC request with a long filename parameter, a different vulnerability than CVE-2003-0352 (Blaster/Nachi) and CVE-2003-0715.

CVSS vector

AV:N/AC:L/C:C/I:C/A:CExploitability: 10.0 | Impact: 10.0

Affected Packages2 packages

▶NVDmicrosoft/windows_2003_server5 versions+4

▶NVDmicrosoft/windows_nt4.0

Patches

Patch: www.cert.org ↗Patch: www.cert.org ↗

🔴Vulnerability Details

GHSA

GHSA-rx7x-69jw-r2f4: Heap-based buffer overflow in the Distributed Component Object Model (DCOM) interface in the RPCSS Service allows remote attackers to execute arbitrar↗2022-04-29

▶

CVEList

CVE-2003-0528: Heap-based buffer overflow in the Distributed Component Object Model (DCOM) interface in the RPCSS Service allows remote attackers to execute arbitrar↗2003-09-12

▶

🔍Detection Rules

Suricata

GPL NETBIOS SMB-DS DCERPC Remote Activation bind attempt↗2010-09-23

▶

Suricata

GPL NETBIOS DCERPC Remote Activation bind attempt↗2010-09-23

▶