Microsoft Windows DCOM RPC Object Identity Information Disclosure

2004-04-13T16:13:01
ID OSVDB:5247
Type osvdb
Reporter OSVDB
Modified 2004-04-13T16:13:01

Description

Vulnerability Description

Microsoft Windows contains a flaw that may result in a remote information disclosure. The issue is due to the DCOM RPC interface initiating network communications via an "alter context". If a remote attacker can manipulate the interface to use this feature, the service may start up network communications on additional ports that also leak sensitive data.

Solution Description

Currently, there are no known workarounds or upgrades to correct this issue. However, Microsoft has released a patch to address this vulnerability.

References:

Vendor URL: http://www.microsoft.com/
Secunia Advisory ID: 11065
Related OSVDB ID: 5246
Related OSVDB ID: 5245
Other Advisory URL: http://www.microsoft.com/technet/security/bulletin/ms04-012.mspx
Microsoft Security Bulletin: MS04-012
Keyword: aka the "Object Identity Vulnerability."
ISS X-Force ID: 15711
CVE-2004-0124
CERT VU: 212892
Bugtraq ID: 10121