Page 14 of 68 results (0.056 seconds)

CVSS: 10.0EPSS: 67%CPEs: 48EXPL: 0

Heap-based buffer overflow in the Distributed Component Object Model (DCOM) interface in the RPCSS Service allows remote attackers to execute arbitrary code via a malformed RPC request with a long filename parameter, a different vulnerability than CVE-2003-0352 (Blaster/Nachi) and CVE-2003-0715. Desbordamiento de búfer en el interfaz DCOM (Distributed Component Object Model) en el servicio RPCSS permite a atacantes remotos la ejecución arbitraria de código mediante una petición RPC mal construida con un parámetro 'nombre de fichero' largo. Es una vulnerabilidad diferente a las CAN-2003-0352 (utilizada por Blaster y Nachi) y la CAN-2003-0715. • http://archives.neohapsis.com/archives/vulnwatch/2003-q3/0100.html http://marc.info/?l=bugtraq&m=106407417011430&w=2 http://www.cert.org/advisories/CA-2003-23.html http://www.kb.cert.org/vuls/id/254236 http://www.nsfocus.com/english/homepage/research/0306.htm https://docs.microsoft.com/en-us/security-updates/securitybulletins/2003/ms03-039 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A127 https://oval.cisecurity.org/repository/search/definit •

CVSS: 5.0EPSS: 1%CPEs: 46EXPL: 0

The NetBT Name Service (NBNS) for NetBIOS in Windows NT 4.0, 2000, XP, and Server 2003 may include random memory in a response to a NBNS query, which could allow remote attackers to obtain sensitive information. • http://www.kb.cert.org/vuls/id/989932 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2003/ms03-034 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A3483 •

CVSS: 7.5EPSS: 96%CPEs: 48EXPL: 4

Buffer overflow in a certain DCOM interface for RPC in Microsoft Windows NT 4.0, 2000, XP, and Server 2003 allows remote attackers to execute arbitrary code via a malformed message, as exploited by the Blaster/MSblast/LovSAN and Nachi/Welchia worms. Desbordamiento de búfer en una cierta interfaz RPC DCOM en Microsoft Windows NT4, 2000, XP y 2003 permite a atacantes remotos ejecutar código arbitrario mediante un mensaje malformado. • https://www.exploit-db.com/exploits/16749 https://www.exploit-db.com/exploits/100 https://www.exploit-db.com/exploits/22917 http://lists.grok.org.uk/pipermail/full-disclosure/2003-July/007079.html http://lists.grok.org.uk/pipermail/full-disclosure/2003-July/007357.html http://marc.info/?l=bugtraq&m=105838687731618&w=2 http://marc.info/?l=bugtraq&m=105914789527294&w=2 http://www.cert.org/advisories/CA-2003-16.html http://www.cert.org/advisories/CA-2003-19.htm •