Oval Definition:	oval:org.mitre.oval:def:127
Revision Date: 2011-05-16 Version: 47 Title: RPCSS DCOM Buffer Overflow (Windows 2000) Description: Heap-based buffer overflow in the Distributed Component Object Model (DCOM) interface in the RPCSS Service allows remote attackers to execute arbitrary code via a malformed RPC request with a long filename parameter, a different vulnerability than CVE-2003-0352 (Blaster/Nachi) and CVE-2003-0715. Family: windows Class: vulnerability Status: ACCEPTED Reference(s): CVE-2003-0528 Platform(s): Microsoft Windows 2000 Product(s): Remote Procedure Call (RPC) Definition Synopsis Software section Windows 2000 is installed AND the version of rpcrt4.dll is less than 5.0.2195.6802 AND NOT the patch kb824146 is installed (Hotfix key) AND Configuration section DCOM is enabled on systems with SP3 or later Win2K/XP/2003 service pack 3 (or later) is installed AND DCOM is enabled
BACK