Oval Definition:	oval:org.mitre.oval:def:1118
Revision Date: 2011-05-16 Version: 48 Title: MS Windows RPC DCOM DoS-based Privilege Escalation Vulnerability (Test 2) Description: The RPC DCOM interface in Windows 2000 SP3 and SP4 allows remote attackers to cause a denial of service (crash), and local attackers to use the DoS to hijack the epmapper pipe to gain privileges, via certain messages to the __RemoteGetClassObject interface that cause a NULL pointer to be passed to the PerformScmStage function. Family: windows Class: vulnerability Status: ACCEPTED Reference(s): CVE-2003-0605 Platform(s): Microsoft Windows 2000 Product(s): Remote Procedure Call (RPC) Definition Synopsis Windows 2000 (sp4 or earlier) is installed Windows 2000 is installed AND NOT Win2K/XP/2003 service pack 5 (or later) is installed AND the version of rpcrt4.dll is less than 5.0.2195.6802 AND NOT the patch kb824146 is installed (Hotfix key)
BACK