CVE-2003-0812
Microsoft Windows - Workstation Service WKSSVC Remote (MS03-049)
Severity Score
7.5
*CVSS v2
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
5
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
Stack-based buffer overflow in a logging function for Windows Workstation Service (WKSSVC.DLL) allows remote attackers to execute arbitrary code via RPC calls that cause long entries to be written to a debug log file ("NetSetup.LOG"), as demonstrated using the NetAddAlternateComputerName API.
Desbordamiento de búfer en la pila en una función de registro del servicio de Estación de Trabajo de Windows (WKSSVC.DLL) permite a atacantes remotos ejecutar código arbitrario mediante llamadas RPC que hacen que hacen que se escriban entradas largas en el fichero de registro de depuración NetSetup.LOG, como se ha demostrado usando la API NetAddAlternateComputerName.
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2003-09-18 CVE Reserved
- 2003-11-12 First Exploit
- 2003-11-18 CVE Published
- 2024-08-08 CVE Updated
- 2024-09-15 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
CWE
CAPEC
References (13)
| URL | Tag | Source |
|---|---|---|
| http://marc.info/?l=bugtraq&m=106859247713009&w=2 | Mailing List | |
| http://marc.info/?l=bugtraq&m=106865197102041&w=2 | Mailing List | |
| http://www.cert.org/advisories/CA-2003-28.html | Third Party Advisory | |
| https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A331 | Signature | |
| https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A575 | Signature |
| URL | Date | SRC |
|---|---|---|
| https://www.exploit-db.com/exploits/123 | 2003-11-14 | |
| https://www.exploit-db.com/exploits/130 | 2003-12-04 | |
| https://www.exploit-db.com/exploits/119 | 2003-11-12 | |
| https://www.exploit-db.com/exploits/16378 | 2010-05-09 | |
| http://www.securityfocus.com/bid/9011 | 2024-08-08 |
| URL | Date | SRC |
|---|---|---|
| http://www.kb.cert.org/vuls/id/567620 | 2019-04-30 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Microsoft Search vendor "Microsoft" | Windows 2000 Search vendor "Microsoft" for product "Windows 2000" | * | - |
Affected
| ||||||
| Microsoft Search vendor "Microsoft" | Windows 2000 Search vendor "Microsoft" for product "Windows 2000" | * | sp1 |
Affected
| ||||||
| Microsoft Search vendor "Microsoft" | Windows 2000 Search vendor "Microsoft" for product "Windows 2000" | * | sp2 |
Affected
| ||||||
| Microsoft Search vendor "Microsoft" | Windows 2000 Search vendor "Microsoft" for product "Windows 2000" | * | sp3 |
Affected
| ||||||
| Microsoft Search vendor "Microsoft" | Windows 2000 Search vendor "Microsoft" for product "Windows 2000" | * | sp4 |
Affected
| ||||||
| Microsoft Search vendor "Microsoft" | Windows Xp Search vendor "Microsoft" for product "Windows Xp" | * | 64-bit |
Affected
| ||||||
| Microsoft Search vendor "Microsoft" | Windows Xp Search vendor "Microsoft" for product "Windows Xp" | * | home |
Affected
| ||||||
| Microsoft Search vendor "Microsoft" | Windows Xp Search vendor "Microsoft" for product "Windows Xp" | * | media_center |
Affected
| ||||||
| Microsoft Search vendor "Microsoft" | Windows Xp Search vendor "Microsoft" for product "Windows Xp" | * | gold, professional |
Affected
| ||||||
| Microsoft Search vendor "Microsoft" | Windows Xp Search vendor "Microsoft" for product "Windows Xp" | * | sp1, 64-bit |
Affected
| ||||||
| Microsoft Search vendor "Microsoft" | Windows Xp Search vendor "Microsoft" for product "Windows Xp" | * | sp1, home |
Affected
| ||||||