Windows RPC DCOM interface buffer overflow

2006-04-04T00:00:00
ID SAINT:2B7719D68563751A2F6C65365AC70FBC
Type saint
Reporter SAINT Corporation
Modified 2006-04-04T00:00:00

Description

Added: 04/04/2006
CVE: CVE-2003-0352
BID: 8205
OSVDB: 2100

Background

The Distributed Component Object Model (DCOM) is a technology in Microsoft Windows operating systems that allows software components to communicate. Remote Procedure Call (RPC) is a protocol used to request a service from a program on another computer.

Problem

Insufficient input validation in the Windows RPCSS service allows a buffer overflow in the DCOM process, which can lead to command execution.

Resolution

Install the patch referenced in Microsoft Security Bulletin 03-026.

References

<http://www.cert.org/advisories/CA-2003-16.html>

Limitations

This exploit may cause the target system to crash.

Platforms

Windows 2000
Windows XP
Windows Server 2003