[Forgot Password]
Login  Register Subscribe

30479

 
 

423868

 
 

249982

 
 

909

 
 

195748

 
 

282

 
Paid content will be excluded from the download.


Download | Alert*
CVE
view JSON

CVE-2003-0605Date: (C)2003-08-27   (M)2023-12-22


The RPC DCOM interface in Windows 2000 SP3 and SP4 allows remote attackers to cause a denial of service (crash), and local attackers to use the DoS to hijack the epmapper pipe to gain privileges, via certain messages to the __RemoteGetClassObject interface that cause a NULL pointer to be passed to the PerformScmStage function.

CVSS Score and Metrics +CVSS Score and Metrics -

CVSS V2 Severity:
CVSS Score : 7.5
Exploit Score: 10.0
Impact Score: 6.4
 
CVSS V2 Metrics:
Access Vector: NETWORK
Access Complexity: LOW
Authentication: NONE
Confidentiality: PARTIAL
Integrity: PARTIAL
Availability: PARTIAL
  
Reference:
http://marc.info/?l=bugtraq&m=105880332428706&w=2
http://lists.grok.org.uk/pipermail/full-disclosure/2003-July/006851.html
CA-2003-19
CA-2003-23
MS03-039
VU#326746

CPE    16
cpe:/o:microsoft:windows_2000::sp4:advanced_server
cpe:/o:microsoft:windows_2000::sp1:advanced_server
cpe:/o:microsoft:windows_2000::sp1:datacenter_server
cpe:/o:microsoft:windows_2000::sp2:datacenter_server
...
OVAL    2
oval:org.mitre.oval:def:494
oval:org.mitre.oval:def:1118

© SecPod Technologies