Oval Definition:oval:org.mitre.oval:def:6147
Revision Date:2011-10-31Version:45
Title:Windows RPCSS Service Isolation Vulnerability
Description:The RPCSS service in Microsoft Windows XP SP2 and SP3 and Server 2003 SP1 and SP2 does not properly implement isolation among a set of distinct processes that (1) all run under the NetworkService account or (2) all run under the LocalService account, which allows local users to gain privileges by accessing the resources of one of the processes, aka "Windows RPCSS Service Isolation Vulnerability."
Family:windowsClass:vulnerability
Status:ACCEPTEDReference(s):CVE-2009-0079
Platform(s):Microsoft Windows Server 2003
Microsoft Windows XP
Product(s):
Definition Synopsis
  • Check for Microsoft Windows XP (x86) SP2
  • Microsoft Windows XP (x86) SP2 is installed
  • AND Check if version of rpcss.dll less than 5.1.2600.3520
  • OR Check for Microsoft Windows XP (x86) SP3
  • Microsoft Windows XP (x86) SP3 is installed
  • AND Check if version of rpcss.dll is less than 5.1.2600.5755
  • OR Check for vulnearble Windows Server 2003 (ia64) SP1/SP1 (x86)/ XP x64 SP1
  • Windows Server 2003 (ia64) SP1/SP1 (x86)/ XP x64 SP1
  • Microsoft Windows XP Professional x64 Edition SP1 is installed
  • OR Microsoft Windows Server 2003 SP1 (x64) is installed
  • OR Microsoft Windows Server 2003 SP1 (x86) is installed
  • OR Microsoft Windows Server 2003 SP1 for Itanium is installed
  • AND Check if version of rpcss.dll is less than 5.2.3790.3290
  • OR Check for Windows Server 2003 (ia64) SP2/(x64)/(x86)/XP x64 SP2
  • Windows Server 2003 (ia64) SP2/(x64)/(x86)/XP x64 SP2
  • Microsoft Windows Server 2003 SP2 (x64) is installed
  • OR Microsoft Windows XP x64 Edition SP2 is installed
  • OR Microsoft Windows Server 2003 SP2 (x86) is installed
  • OR Microsoft Windows Server 2003 (ia64) SP2 is installed
  • AND Check if version of rpcss.dll is less than 5.2.3790.4455
    • BACK