CVSS: 10.0EPSS: 68%CPEs: 48EXPL: 0CVE-2003-0715
https://notcve.org/view.php?id=CVE-2003-0715
Heap-based buffer overflow in the Distributed Component Object Model (DCOM) interface in the RPCSS Service allows remote attackers to execute arbitrary code via a malformed DCERPC DCOM object activation request packet with modified length fields, a different vulnerability than CVE-2003-0352 (Blaster/Nachi) and CVE-2003-0528. Desbordamiento de búfer basado en el montón en el interfaz DCOM (Distributed Component Object Model) del servicio RPCSS de Windows NT/2000/XP/2003 permite a atacantes remotos ejecutar código arbitrario mediante un paquete de petición de petición de activación de objeto DCERPC DCOM malformado, con campos de longitud modificados, una vulnerabilidad distinta de CAN-2003-0352 (Blaster/Nachi) y CAN-2003-0528. • http://marc.info/?l=bugtraq&m=106322856608909&w=2 http://www.cert.org/advisories/CA-2003-23.html http://www.kb.cert.org/vuls/id/483492 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2003/ms03-039 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1202 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1813 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A20 http •
CVSS: 10.0EPSS: 67%CPEs: 48EXPL: 0CVE-2003-0528
https://notcve.org/view.php?id=CVE-2003-0528
Heap-based buffer overflow in the Distributed Component Object Model (DCOM) interface in the RPCSS Service allows remote attackers to execute arbitrary code via a malformed RPC request with a long filename parameter, a different vulnerability than CVE-2003-0352 (Blaster/Nachi) and CVE-2003-0715. Desbordamiento de búfer en el interfaz DCOM (Distributed Component Object Model) en el servicio RPCSS permite a atacantes remotos la ejecución arbitraria de código mediante una petición RPC mal construida con un parámetro 'nombre de fichero' largo. Es una vulnerabilidad diferente a las CAN-2003-0352 (utilizada por Blaster y Nachi) y la CAN-2003-0715. • http://archives.neohapsis.com/archives/vulnwatch/2003-q3/0100.html http://marc.info/?l=bugtraq&m=106407417011430&w=2 http://www.cert.org/advisories/CA-2003-23.html http://www.kb.cert.org/vuls/id/254236 http://www.nsfocus.com/english/homepage/research/0306.htm https://docs.microsoft.com/en-us/security-updates/securitybulletins/2003/ms03-039 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A127 https://oval.cisecurity.org/repository/search/definit •
CVSS: 5.0EPSS: 1%CPEs: 46EXPL: 0CVE-2003-0661
https://notcve.org/view.php?id=CVE-2003-0661
The NetBT Name Service (NBNS) for NetBIOS in Windows NT 4.0, 2000, XP, and Server 2003 may include random memory in a response to a NBNS query, which could allow remote attackers to obtain sensitive information. • http://www.kb.cert.org/vuls/id/989932 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2003/ms03-034 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A3483 •
CVSS: 7.5EPSS: 96%CPEs: 5EXPL: 10CVE-2003-0605 – Microsoft Windows Server 2000 - RPC DCOM Interface Denial of Service
https://notcve.org/view.php?id=CVE-2003-0605
The RPC DCOM interface in Windows 2000 SP3 and SP4 allows remote attackers to cause a denial of service (crash), and local attackers to use the DoS to hijack the epmapper pipe to gain privileges, via certain messages to the __RemoteGetClassObject interface that cause a NULL pointer to be passed to the PerformScmStage function. El interfaz RPC DCOM en Windows 2000 SP3 y SP4 permite a atacantes remotos causar una denegació de servicio (caída), y a atacantes locales usar la DoS para secuestrar la tubería epmapper para ganar privilegios, mediante ciertos mensajes al interfaz __RemoteGetClassObject que causar que un puntero nulo sea pasado a la función PerformScmStage. • https://www.exploit-db.com/exploits/61 https://www.exploit-db.com/exploits/69 https://www.exploit-db.com/exploits/70 https://www.exploit-db.com/exploits/76 https://www.exploit-db.com/exploits/64 https://www.exploit-db.com/exploits/97 https://www.exploit-db.com/exploits/103 https://www.exploit-db.com/exploits/109 https://www.exploit-db.com/exploits/66 https://www.exploit-db.com/exploits/117 http://lists.grok.org.uk/pipermail/full-disclosure/2003-Ju •
CVSS: 7.5EPSS: 97%CPEs: 48EXPL: 4CVE-2003-0352 – Microsoft RPC DCOM Interface - Remote Overflow (MS03-026)
https://notcve.org/view.php?id=CVE-2003-0352
Buffer overflow in a certain DCOM interface for RPC in Microsoft Windows NT 4.0, 2000, XP, and Server 2003 allows remote attackers to execute arbitrary code via a malformed message, as exploited by the Blaster/MSblast/LovSAN and Nachi/Welchia worms. Desbordamiento de búfer en una cierta interfaz RPC DCOM en Microsoft Windows NT4, 2000, XP y 2003 permite a atacantes remotos ejecutar código arbitrario mediante un mensaje malformado. • https://www.exploit-db.com/exploits/16749 https://www.exploit-db.com/exploits/100 https://www.exploit-db.com/exploits/22917 http://lists.grok.org.uk/pipermail/full-disclosure/2003-July/007079.html http://lists.grok.org.uk/pipermail/full-disclosure/2003-July/007357.html http://marc.info/?l=bugtraq&m=105838687731618&w=2 http://marc.info/?l=bugtraq&m=105914789527294&w=2 http://www.cert.org/advisories/CA-2003-16.html http://www.cert.org/advisories/CA-2003-19.htm •