Oval Definition:oval:org.mitre.oval:def:969
Revision Date:2008-03-24Version:45
Title:Windows NT COM Internet Services/RPC over HTTP Proxy Component Buffer Overflow
Description:Buffer overflow in the COM Internet Services and in the RPC over HTTP Proxy components for Microsoft Windows NT Server 4.0, NT 4.0 Terminal Server Edition, 2000, XP, and Server 2003 allows remote attackers to cause a denial of service via a crafted request.
Family:windowsClass:vulnerability
Status:ACCEPTEDReference(s):CVE-2003-0807
Platform(s):Microsoft Windows NT
Product(s):COM Internet Services
Definition Synopsis
  • Software section
  • Windows NT 4.0 Server or Terminal Server is installed
  • Microsoft Windows NT is installed
  • OR Server or Terminal Server product option
  • Windows NT server product option
  • this is an NT Server (stand-alone)
  • OR this is an NT Server (domain controller)
  • OR this is an NT Terminal Server
  • AND a vulnerable version of rpcproxy.dll exists on NT
  • non Terminal Server and rpcproxy.dll is less than 4.0.1381.7255
  • NOT this is an NT Terminal Server
  • AND the version of rpcproxy.dll is less than 4.0.1381.7255
  • OR Terminal Server and rpcproxy.dll is less than 4.0.1381.33559
  • this is an NT Terminal Server
  • AND the version of rpcproxy.dll is less than 4.0.1381.33559
  • AND NOT the patch kb828741 is installed
  • AND Configuration section
  • COM Internet Services are enabled
    • BACK