CVE-2003-0605
CVE-2003-0605
The RPC DCOM interface in Windows 2000 SP3 and SP4 allows remote attackers to cause a denial of service (crash), and local attackers to use the DoS to hijack the epmapper pipe to gain privileges, via certain messages to the __RemoteGetClassObject interface that cause a NULL pointer to be passed to the PerformScmStage function.
Affected products
n/a · n/apublic PoCs found — 10
exploitdbwww.exploit-db.com/exploits/61unverifiedexploitdbwww.exploit-db.com/exploits/69unverifiedexploitdbwww.exploit-db.com/exploits/70unverifiedexploitdbwww.exploit-db.com/exploits/76unverifiedexploitdbwww.exploit-db.com/exploits/64unverifiedexploitdbwww.exploit-db.com/exploits/97unverifiedexploitdbwww.exploit-db.com/exploits/103unverifiedexploitdbwww.exploit-db.com/exploits/109unverifiedexploitdbwww.exploit-db.com/exploits/66unverifiedexploitdbwww.exploit-db.com/exploits/117unverified⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.
Want to know if your infrastructure is exposed to this?
Talk to TrueHacking →References
http://lists.grok.org.uk/pipermail/full-disclosure/2003-July/006851.htmlhttp://marc.info/?l=bugtraq&m=105880332428706&w=2https://docs.microsoft.com/en-us/security-updates/securitybulletins/2003/ms03-039https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1118https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A494http://www.cert.org/advisories/CA-2003-19.htmlhttp://www.cert.org/advisories/CA-2003-23.htmlhttp://www.kb.cert.org/vuls/id/326746