exploits , vulnerabilities , articles , Microsoft Windows DCOM RPC Interface Buffer Overrun Vulnerability
| Title |
Microsoft Windows DCOM RPC Interface Buffer Overrun Vulnerability |
| Published |
2003-07-16-12:00AM |
| Updated |
2004-04-07-10:00PM |
| Class |
Boundary Condition Error |
| CVE |
CAN-2003-0352 |
| Remote |
Yes |
| Local |
No |
| Credit |
Discovery of this vulnerability has been credited to The Last Stage of Delirium Research Group. |
| Vulnerable |
Microsoft Windows XP Professional SP1
Microsoft Windows XP Professional
Microsoft Windows XP Home SP1
Microsoft Windows XP Home
Microsoft Windows XP 64bit Edition SP1
Microsoft Windows XP 64bit Edition
Microsoft Windows Server 2003 Web Edition
Microsoft Windows Server 2003 Standard Edition
Microsoft Windows Server 2003 Enterprise Edition 64bit
Microsoft Windows Server 2003 Enterprise Edition
Microsoft Windows Server 2003 Datacenter Edition 64bit
Microsoft Windows Server 2003 Datacenter Edition
Microsoft Windows NT Workstation 4.0 SP6a
Microsoft Windows NT Workstation 4.0 SP6
Microsoft Windows NT Workstation 4.0 SP5
Microsoft Windows NT Workstation 4.0 SP4
Microsoft Windows NT Workstation 4.0 SP3
Microsoft Windows NT Workstation 4.0 SP2
Microsoft Windows NT Workstation 4.0 SP1
Microsoft Windows NT Workstation 4.0
Microsoft Windows NT Terminal Server 4.0 SP6
Microsoft Windows NT Terminal Server 4.0 SP5
Microsoft Windows NT Terminal Server 4.0 SP4
Microsoft Windows NT Terminal Server 4.0 SP3
Microsoft Windows NT Terminal Server 4.0 SP2
Microsoft Windows NT Terminal Server 4.0 SP1
Microsoft Windows NT Terminal Server 4.0
Microsoft Windows NT Server 4.0 SP6a
Microsoft Windows NT Server 4.0 SP6
Microsoft Windows NT Server 4.0 SP5
Microsoft Windows NT Server 4.0 SP4
Microsoft Windows NT Server 4.0 SP3
Microsoft Windows NT Server 4.0 SP2
Microsoft Windows NT Server 4.0 SP1
Microsoft Windows NT Server 4.0
Microsoft Windows NT Enterprise Server 4.0 SP6a
Microsoft Windows NT Enterprise Server 4.0 SP6
Microsoft Windows NT Enterprise Server 4.0 SP5
Microsoft Windows NT Enterprise Server 4.0 SP4
Microsoft Windows NT Enterprise Server 4.0 SP3
Microsoft Windows NT Enterprise Server 4.0 SP2
Microsoft Windows NT Enterprise Server 4.0 SP1
Microsoft Windows NT Enterprise Server 4.0
Microsoft Windows 2000 Server SP4
Microsoft Windows 2000 Server SP3
Microsoft Windows 2000 Server SP2
Microsoft Windows 2000 Server SP1
Microsoft Windows 2000 Server
Avaya DefinityOne Media Servers
Avaya IP600 Media Servers
Avaya S3400 Message Application Server
Avaya S8100 Media Servers
Microsoft Windows 2000 Professional SP4
Microsoft Windows 2000 Professional SP3
Microsoft Windows 2000 Professional SP2
Microsoft Windows 2000 Professional SP1
Microsoft Windows 2000 Professional
Microsoft Windows 2000 Datacenter Server SP4
Microsoft Windows 2000 Datacenter Server SP3
Microsoft Windows 2000 Datacenter Server SP2
Microsoft Windows 2000 Datacenter Server SP1
Microsoft Windows 2000 Datacenter Server
Microsoft Windows 2000 Advanced Server SP4
Microsoft Windows 2000 Advanced Server SP3
Microsoft Windows 2000 Advanced Server SP2
Microsoft Windows 2000 Advanced Server SP1
Microsoft Windows 2000 Advanced Server
Compaq OpenVMS 7.3 1 Alpha
Compaq OpenVMS 7.3 VAX
Compaq OpenVMS 7.3 Alpha
Compaq OpenVMS 7.2.1 Alpha
Compaq OpenVMS 7.2 2 Alpha
Compaq OpenVMS 7.2 1H2 Alpha
Compaq OpenVMS 7.2 1H1 Alpha
Compaq OpenVMS 7.2 VAX
Compaq OpenVMS 7.2 Alpha
Compaq OpenVMS 7.1 2 Alpha
Compaq OpenVMS 7.1 VAX
Compaq OpenVMS 7.1 Alpha
Compaq OpenVMS 6.2 1H3 Alpha
Compaq OpenVMS 6.2 1H2 Alpha
Compaq OpenVMS 6.2 1H1 Alpha
Compaq OpenVMS 6.2 VAX
Compaq OpenVMS 6.2 Alpha
Cisco VPN/Security Management Solution
Cisco Voice Manager
Cisco User Registration Tool
Cisco uOne Enterprise Edition
Cisco Unity Server 4.0
Cisco Unity Server 3.3
Cisco Unity Server 3.2
Cisco Unity Server 3.1
Cisco Unity Server 3.0
Cisco Unity Server 2.46
Cisco Unity Server 2.4
Cisco Unity Server 2.3
Cisco Unity Server 2.2
Cisco Unity Server 2.1
Cisco Unity Server 2.0
Cisco Unity Server
Cisco Transport Manager
Cisco Trailhead
Cisco SN 5420 Storage Router 1.1.3
Cisco SN 5420 Storage Router 1.1 (7)
Cisco SN 5420 Storage Router 1.1 (5)
Cisco SN 5420 Storage Router 1.1 (4)
Cisco SN 5420 Storage Router 1.1 (3)
Cisco SN 5420 Storage Router 1.1 (2)
Microsoft Windows 2000 Professional
Microsoft Windows 2000 Professional SP1
Microsoft Windows 2000 Professional SP2
Microsoft Windows 95
Microsoft Windows 98
Microsoft Windows ME
Microsoft Windows NT 4.0
Microsoft Windows NT 4.0 SP2
Microsoft Windows NT 4.0 SP3
Microsoft Windows NT 4.0 SP4
Microsoft Windows NT 4.0 SP5
Microsoft Windows NT 4.0 SP6
Microsoft Windows NT 4.0 SP6a
Cisco Small Network Management Solution
Cisco Service Management
Cisco Secure Scanner
Cisco Secure Policy Manager 3.0.1
Cisco Secure ACS for Windows Server 3.2
Cisco Secure ACS for Windows NT 3.1.1
Cisco Secure ACS for Windows NT 3.0.3
Cisco Secure ACS for Windows NT 3.0 .1
Cisco Secure ACS for Windows NT 3.0
Cisco Secure ACS for Windows NT 2.6.4
Microsoft Windows 2000 Advanced Server
Microsoft Windows 2000 Advanced Server SP1
Microsoft Windows 2000 Advanced Server SP2
Microsoft Windows 2000 Datacenter Server
Microsoft Windows 2000 Datacenter Server SP1
Microsoft Windows 2000 Datacenter Server SP2
Microsoft Windows 2000 Professional
Microsoft Windows 2000 Professional SP1
Microsoft Windows 2000 Professional SP2
Microsoft Windows 2000 Server
Microsoft Windows 2000 Server SP1
Microsoft Windows 2000 Server SP2
Microsoft Windows 2000 Terminal Services
Microsoft Windows 2000 Terminal Services SP1
Microsoft Windows 2000 Terminal Services SP2
Microsoft Windows NT Enterprise Server 4.0
Microsoft Windows NT Enterprise Server 4.0 SP1
Microsoft Windows NT Enterprise Server 4.0 SP2
Microsoft Windows NT Enterprise Server 4.0 SP3
Microsoft Windows NT Enterprise Server 4.0 SP4
Microsoft Windows NT Enterprise Server 4.0 SP5
Microsoft Windows NT Enterprise Server 4.0 SP6
Microsoft Windows NT Enterprise Server 4.0 SP6a
Microsoft Windows NT Server 4.0
Microsoft Windows NT Server 4.0 SP1
Microsoft Windows NT Server 4.0 SP2
Microsoft Windows NT Server 4.0 SP3
Microsoft Windows NT Server 4.0 SP4
Microsoft Windows NT Server 4.0 SP5
Microsoft Windows NT Server 4.0 SP6
Microsoft Windows NT Server 4.0 SP6a
Microsoft Windows NT Terminal Server 4.0
Microsoft Windows NT Terminal Server 4.0 SP1
Microsoft Windows NT Terminal Server 4.0 SP2
Microsoft Windows NT Terminal Server 4.0 SP3
Microsoft Windows NT Terminal Server 4.0 SP4
Microsoft Windows NT Terminal Server 4.0 SP5
Microsoft Windows NT Terminal Server 4.0 SP6
Microsoft Windows NT Workstation 4.0
Microsoft Windows NT Workstation 4.0 SP1
Microsoft Windows NT Workstation 4.0 SP2
Microsoft Windows NT Workstation 4.0 SP3
Microsoft Windows NT Workstation 4.0 SP4
Microsoft Windows NT Workstation 4.0 SP5
Microsoft Windows NT Workstation 4.0 SP6
Microsoft Windows NT Workstation 4.0 SP6a
Cisco Secure ACS for Windows NT 2.6.3
Microsoft Windows 2000 Advanced Server
Microsoft Windows 2000 Advanced Server SP1
Microsoft Windows 2000 Advanced Server SP2
Microsoft Windows 2000 Datacenter Server
Microsoft Windows 2000 Datacenter Server SP1
Microsoft Windows 2000 Datacenter Server SP2
Microsoft Windows 2000 Professional
Microsoft Windows 2000 Professional SP1
Microsoft Windows 2000 Professional SP2
Microsoft Windows 2000 Server
Microsoft Windows 2000 Server SP1
Microsoft Windows 2000 Server SP2
Microsoft Windows 2000 Terminal Services
Microsoft Windows 2000 Terminal Services SP1
Microsoft Windows 2000 Terminal Services SP2
Microsoft Windows NT Enterprise Server 4.0
Microsoft Windows NT Enterprise Server 4.0 SP1
Microsoft Windows NT Enterprise Server 4.0 SP2
Microsoft Windows NT Enterprise Server 4.0 SP3
Microsoft Windows NT Enterprise Server 4.0 SP4
Microsoft Windows NT Enterprise Server 4.0 SP5
Microsoft Windows NT Enterprise Server 4.0 SP6
Microsoft Windows NT Enterprise Server 4.0 SP6a
Microsoft Windows NT Server 4.0
Microsoft Windows NT Server 4.0 SP1
Microsoft Windows NT Server 4.0 SP2
Microsoft Windows NT Server 4.0 SP3
Microsoft Windows NT Server 4.0 SP4
Microsoft Windows NT Server 4.0 SP5
Microsoft Windows NT Server 4.0 SP6
Microsoft Windows NT Server 4.0 SP6a
Microsoft Windows NT Terminal Server 4.0
Microsoft Windows NT Terminal Server 4.0 SP1
Microsoft Windows NT Terminal Server 4.0 SP2
Microsoft Windows NT Terminal Server 4.0 SP3
Microsoft Windows NT Terminal Server 4.0 SP4
Microsoft Windows NT Terminal Server 4.0 SP5
Microsoft Windows NT Terminal Server 4.0 SP6
Microsoft Windows NT Workstation 4.0
Microsoft Windows NT Workstation 4.0 SP1
Microsoft Windows NT Workstation 4.0 SP2
Microsoft Windows NT Workstation 4.0 SP3
Microsoft Windows NT Workstation 4.0 SP4
Microsoft Windows NT Workstation 4.0 SP5
Microsoft Windows NT Workstation 4.0 SP6
Microsoft Windows NT Workstation 4.0 SP6a
Cisco Secure ACS for Windows NT 2.6.2
Microsoft Windows 2000 Advanced Server
Microsoft Windows 2000 Advanced Server SP1
Microsoft Windows 2000 Advanced Server SP2
Microsoft Windows 2000 Datacenter Server
Microsoft Windows 2000 Datacenter Server SP1
Microsoft Windows 2000 Datacenter Server SP2
Microsoft Windows 2000 Professional
Microsoft Windows 2000 Professional SP1
Microsoft Windows 2000 Professional SP2
Microsoft Windows 2000 Server
Microsoft Windows 2000 Server SP1
Microsoft Windows 2000 Server SP2
Microsoft Windows 2000 Terminal Services
Microsoft Windows 2000 Terminal Services SP1
Microsoft Windows 2000 Terminal Services SP2
Microsoft Windows NT Enterprise Server 4.0
Microsoft Windows NT Enterprise Server 4.0 SP1
Microsoft Windows NT Enterprise Server 4.0 SP2
Microsoft Windows NT Enterprise Server 4.0 SP3
Microsoft Windows NT Enterprise Server 4.0 SP4
Microsoft Windows NT Enterprise Server 4.0 SP5
Microsoft Windows NT Enterprise Server 4.0 SP6
Microsoft Windows NT Enterprise Server 4.0 SP6a
Microsoft Windows NT Server 4.0
Microsoft Windows NT Server 4.0 SP1
Microsoft Windows NT Server 4.0 SP2
Microsoft Windows NT Server 4.0 SP3
Microsoft Windows NT Server 4.0 SP4
Microsoft Windows NT Server 4.0 SP5
Microsoft Windows NT Server 4.0 SP6
Microsoft Windows NT Server 4.0 SP6a
Microsoft Windows NT Terminal Server 4.0
Microsoft Windows NT Terminal Server 4.0 SP1
Microsoft Windows NT Terminal Server 4.0 SP2
Microsoft Windows NT Terminal Server 4.0 SP3
Microsoft Windows NT Terminal Server 4.0 SP4
Microsoft Windows NT Terminal Server 4.0 SP5
Microsoft Windows NT Terminal Server 4.0 SP6
Microsoft Windows NT Workstation 4.0
Microsoft Windows NT Workstation 4.0 SP1
Microsoft Windows NT Workstation 4.0 SP2
Microsoft Windows NT Workstation 4.0 SP3
Microsoft Windows NT Workstation 4.0 SP4
Microsoft Windows NT Workstation 4.0 SP5
Microsoft Windows NT Workstation 4.0 SP6
Microsoft Windows NT Workstation 4.0 SP6a
Cisco Secure ACS for Windows NT 2.6
Cisco Secure ACS for Windows NT 2.5
Cisco Secure ACS for Windows NT 2.4
Cisco Secure ACS for Windows NT 2.3
Cisco Secure ACS for Windows NT 2.1
Cisco Secure Access Control Server 3.2.1
Cisco Routed Wan Management
Cisco QoS Policy Manager
Cisco Personal Assistant
Cisco Networking Services for Active Directory
Cisco Network Registar
Cisco Media Blender
Cisco Lan Management Solution
Cisco IP/VC 3540 Video Rate Matching Module
Cisco IP/VC 3540 Application Server
Cisco IP Telephony Environment Monitor
Cisco IP Contact Center Express
Cisco Internet Service Node
Cisco Intelligent Contact Manager
Cisco Emergency Responder
Cisco EMail Manager
Cisco Dynamic Content Adapter
Cisco DOCSIS CPE Configurator
Cisco Customer Response Application Server
Cisco Conference Connection
Cisco Collaboration Server
Cisco CiscoWorks VPN/Security Management Solution
Cisco Call Manager 3.3 (3)
Cisco Call Manager 3.3
Cisco Call Manager 3.2
Cisco Call Manager 3.1 (3a)
Cisco Call Manager 3.1 (2)
Cisco Call Manager 3.1
Cisco Call Manager 3.0
Cisco Call Manager 2.0
Cisco Call Manager 1.0
Cisco Call Manager
Cisco Building BroadBand Services Manager Hotspot 1.0
Cisco Building Broadband Service Manager 5.2
Cisco Building Broadband Service Manager 5.1
Cisco Broadband Troubleshooter |
| Not Vulnerable |
Cisco Secure Access Control Server 3.2.2
Cisco Secure Access Control Server 3.2 (1.20) |
| Code |
CORE has developed a working commercial exploit for their IMPACT product. This exploit is not otherwise publicly available or known to be circulating in the wild.
August 02, 2003:
There is currently at least one autorooter-enabled IRC bot circulating
which exploits this vulnerability. At this time, the IRC bot does not
appear to be automated into a worm.
August 11, 2003:
An additional exploit (kaht2.zip) has been released.
November 7, 2003:
A new exploit designed to bypass various Windows memory protection schemes is available. The exploit works by using a 'ret-into-libc' chaining procedure, which copies a payload into a newly allocated page modified using undocumented API functions to be executable. This exploit, rpc!exec.c is available below.
An exploit has been released as part of the MetaSploit Framework 2.0.
The following exploits are available:
/data/vulnerabilities/exploits/dcomrpc.c
/data/vulnerabilities/exploits/dcom.c
/data/vulnerabilities/exploits/DComExpl_UnixWin32.zip
/data/vulnerabilities/exploits/07.30.dcom48.c
/data/vulnerabilities/exploits/30.07.03.dcom.c
/data/vulnerabilities/exploits/0x82-dcomrpc_usemgret.c
/data/vulnerabilities/exploits/oc192-dcom.c
/data/vulnerabilities/exploits/kaht2.zip
/data/vulnerabilities/exploits/rpc!exec.c
/data/vulnerabilities/exploits/msrpc_dcom_ms03_026.pm
|
| TXT |
 |
|
Advertising
|
