CVE-2003-0528
https://notcve.org/view.php?id=CVE-2003-0528
Heap-based buffer overflow in the Distributed Component Object Model (DCOM) interface in the RPCSS Service allows remote attackers to execute arbitrary code via a malformed RPC request with a long filename parameter, a different vulnerability than CVE-2003-0352 (Blaster/Nachi) and CVE-2003-0715. Desbordamiento de búfer en el interfaz DCOM (Distributed Component Object Model) en el servicio RPCSS permite a atacantes remotos la ejecución arbitraria de código mediante una petición RPC mal construida con un parámetro 'nombre de fichero' largo. Es una vulnerabilidad diferente a las CAN-2003-0352 (utilizada por Blaster y Nachi) y la CAN-2003-0715. • http://archives.neohapsis.com/archives/vulnwatch/2003-q3/0100.html http://marc.info/?l=bugtraq&m=106407417011430&w=2 http://www.cert.org/advisories/CA-2003-23.html http://www.kb.cert.org/vuls/id/254236 http://www.nsfocus.com/english/homepage/research/0306.htm https://docs.microsoft.com/en-us/security-updates/securitybulletins/2003/ms03-039 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A127 https://oval.cisecurity.org/repository/search/definit •
CVE-2003-0661
https://notcve.org/view.php?id=CVE-2003-0661
The NetBT Name Service (NBNS) for NetBIOS in Windows NT 4.0, 2000, XP, and Server 2003 may include random memory in a response to a NBNS query, which could allow remote attackers to obtain sensitive information. • http://www.kb.cert.org/vuls/id/989932 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2003/ms03-034 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A3483 •
CVE-2003-0352 – Microsoft RPC DCOM Interface - Remote Overflow (MS03-026)
https://notcve.org/view.php?id=CVE-2003-0352
Buffer overflow in a certain DCOM interface for RPC in Microsoft Windows NT 4.0, 2000, XP, and Server 2003 allows remote attackers to execute arbitrary code via a malformed message, as exploited by the Blaster/MSblast/LovSAN and Nachi/Welchia worms. Desbordamiento de búfer en una cierta interfaz RPC DCOM en Microsoft Windows NT4, 2000, XP y 2003 permite a atacantes remotos ejecutar código arbitrario mediante un mensaje malformado. • https://www.exploit-db.com/exploits/16749 https://www.exploit-db.com/exploits/100 https://www.exploit-db.com/exploits/22917 http://lists.grok.org.uk/pipermail/full-disclosure/2003-July/007079.html http://lists.grok.org.uk/pipermail/full-disclosure/2003-July/007357.html http://marc.info/?l=bugtraq&m=105838687731618&w=2 http://marc.info/?l=bugtraq&m=105914789527294&w=2 http://www.cert.org/advisories/CA-2003-16.html http://www.cert.org/advisories/CA-2003-19.htm •
CVE-2003-0469 – Microsoft Windows XP/2000/NT 4.0 - HTML Converter HR Align Buffer Overflow
https://notcve.org/view.php?id=CVE-2003-0469
Buffer overflow in the HTML Converter (HTML32.cnv) on various Windows operating systems allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via cut-and-paste operation, as demonstrated in Internet Explorer 5.0 using a long "align" argument in an HR tag. Desbordamiento de búfer en el Convertidor HTML (HTML32.cnv) de varios sistemas operativos Windows, permite a atacantes remotos causar una denegación de servicio (caída) y posiblemente ejecutar código arbitrario mediante una operación de cortar-y-pegar, como se ha demostrado en Internet Explorer 5.0 usando un arguemento "align" larga en una etiqueta HR. • https://www.exploit-db.com/exploits/22824 http://lists.grok.org.uk/pipermail/full-disclosure/2003-July/006155.html http://lists.grok.org.uk/pipermail/full-disclosure/2003-June/006067.html http://marc.info/?l=bugtraq&m=105639925122961&w=2 http://www.cert.org/advisories/CA-2003-14.html http://www.kb.cert.org/vuls/id/823260 http://www.securityfocus.com/bid/8016 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2003/ms03-023 •