Oval Definition:	oval:org.mitre.oval:def:296
Revision Date: 2011-05-16 Version: 47 Title: Windows 2000 RPCSS DCOM Buffer Overflow (Blaster, Test 2) Description: Buffer overflow in a certain DCOM interface for RPC in Microsoft Windows NT 4.0, 2000, XP, and Server 2003 allows remote attackers to execute arbitrary code via a malformed message, as exploited by the Blaster/MSblast/LovSAN and Nachi/Welchia worms. Family: windows Class: vulnerability Status: ACCEPTED Reference(s): CVE-2003-0352 Platform(s): Microsoft Windows 2000 Product(s): Remote Procedure Call (RPC) Definition Synopsis Software section Windows 2000 is installed AND File %windir%\system32\rpcrt4.dll version is less than 5.0.2195.6753 AND NOT Patch Windows2000-KB823980-x86-ENU.exe Installed AND Configuration section DCOM is enabled on systems with SP3 or later Win2K/XP/2003 service pack 3 (or later) is installed AND DCOM is enabled
BACK