Vulnerability Name: CVE-2003-0109 (CCN-11533)

Assigned: 2003-03-17
Published: 2003-03-17
Updated: 2019-04-30
Summary: Buffer overflow in ntdll.dll on Microsoft Windows NT 4.0, Windows NT 4.0 Terminal Server Edition, Windows 2000, and Windows XP allows remote attackers to execute arbitrary code, as demonstrated via a WebDAV request to IIS 5.0.
CVSS v3 Severity: 10.0 Critical (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H)
Exploitability Metrics: Attack Vector (AV): Network
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): None
Scope: Scope (S): Changed
Impact Metrics: Confidentiality (C): High
Integrity (I): High
Availability (A): High
CVSS v2 Severity: 7.5 High (CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P)
6.2 Medium (Temporal CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P/E:F/RL:OF/RC:C)
Exploitability Metrics: Access Vector (AV): Network
Access Complexity (AC): Low
Authentication (Au): None
Impact Metrics: Confidentiality (C): Partial
Integrity (I): Partial
Availability (A): Partial
10.0 High (CCN CVSS v2 Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C)
8.3 High (CCN Temporal CVSS v2 Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C/E:F/RL:OF/RC:C)
Exploitability Metrics: Access Vector (AV): Network
Access Complexity (AC): Low
Authentication (Au): None
Impact Metrics: Confidentiality (C): Complete
Integrity (I): Complete
Availability (A): Complete
Vulnerability Type: CWE-Other
Vulnerability Consequences: Gain Access
References:

Source: CCN
Type: BugTraq Mailing List, Sun Jun 01 2003 - 15:29:26 CDT
[Windows XP] ntdll.dll Buffer Overflow Vulnerability - Yet Another MS03-007

Source: CCN
Type: VulnWatch Mailing List, Fri Mar 21 2003 - 10:16:16 CST
New attack vectors and a vulnerability dissection of MS03-007

Source: MITRE
Type: CNA
CVE-2003-0109

Source: BUGTRAQ
Type: UNKNOWN
20030321 New attack vectors and a vulnerability dissection of MS03-007

Source: BUGTRAQ
Type: UNKNOWN
20030325 IIS 5.0 WebDAV -Proof of concept-. Fully documented.

Source: BUGTRAQ
Type: UNKNOWN
20030326 WebDAV exploit: using wide character decoder scheme

Source: BUGTRAQ
Type: UNKNOWN
20030328 Fate Research Labs Presents: Analysis of the NTDLL.DLL Exploit

Source: BUGTRAQ
Type: UNKNOWN
20030708 WDAV exploit without netcat and with pretty magic number

Source: NTBUGTRAQ
Type: UNKNOWN
20030321 New attack vectors and a vulnerability dissection of MS03-007

Source: CONFIRM
Type: UNKNOWN
http://microsoft.com/downloads/details.aspx?FamilyId=C9A38D45-5145-4844-B62E-C69D32AC929B&displaylang=en

Source: CCN
Type: SA8314
Microsoft Internet Information Services WebDAV Buffer Overflow

Source: MSKB
Type: UNKNOWN
Q815021

Source: CCN
Type: CERT Advisory CA-2003-09
Buffer Overflow in Microsoft IIS 5.0

Source: CERT
Type: Patch, Third Party Advisory, US Government Resource
CA-2003-09

Source: CCN
Type: CIAC Information Bulletin N-054
Microsoft Unchecked Buffer in Windows Component Could Cause Web Server Compromise

Source: CCN
Type: Internet Security Systems Security Alert, March 17, 2003
Microsoft IIS WebDAV Remote Compromise Vulnerability

Source: ISS
Type: Patch, Vendor Advisory
20030317 Microsoft IIS WebDAV Remote Compromise Vulnerability

Source: XF
Type: Patch, Vendor Advisory
http-webdav-long-request(11533)

Source: CCN
Type: US-CERT VU#117394
Buffer Overflow in Core Microsoft Windows DLL

Source: CERT-VN
Type: US Government Resource
VU#117394

Source: CCN
Type: Microsoft Security Bulletin MS03-007
Unchecked buffer in Windows component could cause web server compromise (815021)

Source: CCN
Type: Microsoft Security Bulletin MS03-013
Buffer Overrun in Windows Kernel Message Handling could Lead to Elevated Privileges (811493)

Source: CCN
Type: Microsoft Security Bulletin MS04-011
Security Update for Microsoft Windows (835732)

Source: CCN
Type: Microsoft Security Bulletin MS04-032
Security Update for Microsoft Windows (840987)

Source: CCN
Type: Microsoft Security Bulletin MS04-044
Vulnerabilities in Windows Kernel and LSASS Could Allow Elevation of Privilege (885835)

Source: CCN
Type: Microsoft Security Bulletin MS05-018
Vulnerabilities in Windows Kernel Could Allow Elevation of Privilege and Denial of Service (890859)

Source: MISC
Type: UNKNOWN
http://www.nextgenss.com/papers/ms03-007-ntdll.pdf

Source: BID
Type: Exploit, Patch, Vendor Advisory
7116

Source: CCN
Type: BID-7116
Microsoft Windows ntdll.dll Buffer Overflow Vulnerability

Source: MS
Type: UNKNOWN
MS03-007

Source: XF
Type: UNKNOWN
http-webdav-long-request(11533)

Source: OVAL
Type: UNKNOWN
oval:org.mitre.oval:def:109

Source: CCN
Type: Microsoft Knowledge Base Article 241520
How to Disable WebDAV for IIS 5.0

Source: CCN
Type: Rapid7 Vulnerability and Exploit Database [05/30/2018]
MS03-007 Microsoft IIS 5.0 WebDAV ntdll.dll Path Overflow

Vulnerable Configuration:
Configuration 1:
  • cpe:/o:microsoft:windows_2000:*:*:*:*:*:*:*:*
  • OR cpe:/o:microsoft:windows_2000:*:sp1:*:*:*:*:*:*
  • OR cpe:/o:microsoft:windows_2000:*:sp2:*:*:*:*:*:*
  • OR cpe:/o:microsoft:windows_2000:*:sp3:*:*:*:*:*:*
  • OR cpe:/o:microsoft:windows_2000_terminal_services:*:*:*:*:*:*:*:*
  • OR cpe:/o:microsoft:windows_2000_terminal_services:*:sp1:*:*:*:*:*:*
  • OR cpe:/o:microsoft:windows_2000_terminal_services:*:sp2:*:*:*:*:*:*
  • OR cpe:/o:microsoft:windows_2000_terminal_services:*:sp3:*:*:*:*:*:*

Configuration CCN 1:
  • cpe:/a:microsoft:internet_information_server:5.0:*:*:*:far_east:*:*:*
  • AND
  • cpe:/o:microsoft:windows:xp:*:*:*:*:*:*:*
  • OR cpe:/o:microsoft:windows_2000:*:sp1:*:*:*:*:*:*
  • OR cpe:/o:microsoft:windows_2000:*:sp2:*:*:*:*:*:*
  • OR cpe:/o:microsoft:windows_2000:*:sp3:*:*:*:*:*:*
  • OR cpe:/o:microsoft:windows_xp:*:*:*:*:*:*:x64:*
  • OR cpe:/o:microsoft:windows:nt:*:*:*:*:*:*:*

* Denotes that component is vulnerable

Oval Definitions:
Definition ID: oval:org.mitre.oval:def:109
Class: V
Title: Windows ntdll.dll Buffer Overflow
Last Modified: 2011-05-16
    microsoft windows 2000 *
    microsoft windows 2000 * sp1
    microsoft windows 2000 * sp2
    microsoft windows 2000 * sp3
    microsoft windows 2000 terminal services *
    microsoft windows 2000 terminal services * sp1
    microsoft windows 2000 terminal services * sp2
    microsoft windows 2000 terminal services * sp3
    microsoft internet information server 5.0
    microsoft windows xp
    microsoft windows 2000 * sp1
    microsoft windows 2000 * sp2
    microsoft windows 2000 * sp3
    microsoft windows xp *
    microsoft windows nt