SAINT top bar Go to home page Search this site Contact SAINT Corporation
SAINT logo
""







 

 

 

 

 

Windows RPC DCOM interface buffer overflow

Added: 04/04/2006
CVE: CVE-2003-0352
BID: 8205
OSVDB: 2100

Background

The Distributed Component Object Model is a technology in Microsoft Windows operating systems which allows software components to communicate. Remote Procedure Call (RPC) is a protocol used to request a service from a program on another computer.

Problem

Insufficient input validation in the Windows RPCSS service leads to a buffer overflow in the DCOM process, leading to command execution.

Resolution

Install the patch referenced in Microsoft Security Bulletin 03-026.

References

http://www.cert.org/advisories/CA-2003-16.html

Limitations

This exploit may cause the target system to crash.

Platforms

Windows 2000
Windows XP
Windows Server 2003
  Copyright SAINT Corporation. All Rights Reserved. Privacy information Legal information Site map