[Forgot Password]
Login  Register Subscribe

30479

 
 

423868

 
 

249966

 
 

909

 
 

195636

 
 

282

 
Paid content will be excluded from the download.


Download | Alert*
CVE
view JSON

CVE-2003-0813Date: (C)2003-11-17   (M)2024-02-23


A multi-threaded race condition in the Windows RPC DCOM functionality with the MS03-039 patch installed allows remote attackers to cause a denial of service (crash or reboot) by causing two threads to process the same RPC request, which causes one thread to use memory after it has been freed, a different vulnerability than CVE-2003-0352 (Blaster/Nachi), CVE-2003-0715, and CVE-2003-0528, and as demonstrated by certain exploits against those vulnerabilities.

CVSS Score and Metrics +CVSS Score and Metrics -

CVSS V2 Severity:
CVSS Score : 5.1
Exploit Score: 4.9
Impact Score: 6.4
 
CVSS V2 Metrics:
Access Vector: NETWORK
Access Complexity: HIGH
Authentication: NONE
Confidentiality: PARTIAL
Integrity: PARTIAL
Availability: PARTIAL
  
Reference:
http://marc.info/?l=ntbugtraq&m=106580303918155&w=2
http://lists.grok.org.uk/pipermail/full-disclosure/2003-October/011870.html
http://lists.grok.org.uk/pipermail/full-disclosure/2003-October/011886.html
http://lists.grok.org.uk/pipermail/full-disclosure/2003-October/011901.html
http://marc.info/?l=bugtraq&m=106588827513795&w=2
http://xforce.iss.net/xforce/alerts/id/155
BID-8811
MS04-012
TA04-104A
VU#547820
http://www.securitylab.ru/_exploits/rpc2.c.txt
oval:org.mitre.oval:def:893
oval:org.mitre.oval:def:894
oval:org.mitre.oval:def:900

CWE    1
CWE-367
OVAL    3
oval:org.mitre.oval:def:900
oval:org.mitre.oval:def:893
oval:org.mitre.oval:def:894

© SecPod Technologies