Oval Definition:	oval:org.mitre.oval:def:3966
Revision Date: 2005-03-09 Version: 43 Title: RPCSS DCOM Buffer Overflow (Server 2003) Description: Heap-based buffer overflow in the Distributed Component Object Model (DCOM) interface in the RPCSS Service allows remote attackers to execute arbitrary code via a malformed RPC request with a long filename parameter, a different vulnerability than CVE-2003-0352 (Blaster/Nachi) and CVE-2003-0715. Family: windows Class: vulnerability Status: ACCEPTED Reference(s): CVE-2003-0528 Platform(s): Microsoft Windows Server 2003 Product(s): Distributed Component Object Model (DCOM) Definition Synopsis Software section Windows Server 2003 or Windows XP 64-Bit Edition Version 2003 Windows Server 2003 is installed OR Windows XP 64-bit Windows XP is installed AND a version of Windows for the ia64 architecture is installed AND the version of rpcrt4.dll is less than 5.2.3790.76 AND NOT the patch kb824146 is installed (Hotfix key) AND Configuration section DCOM is enabled
BACK