| Definition Id: oval:org.mitre.oval:def:2343 |
Version: 4
Last Modified: 2011-04-26
|
| Title: |
Windows XP RPCSS DCOM Buffer Overflow (Blaster, Test 2) |
| Description: |
Buffer overflow in a certain DCOM interface for RPC in Microsoft Windows NT 4.0, 2000, XP, and Server 2003 allows remote attackers to execute arbitrary code via a malformed message, as exploited by the Blaster/MSblast/LovSAN and Nachi/Welchia worms. |
| Family: |
windows |
Class: |
vulnerability |
| Status: |
ACCEPTED |
Reference(s): |
CVE-2003-0352
|
| Platform(s): |
Microsoft Windows XP |
Product(s): |
Distributed Component Object Model (DCOM) |
| Definition Synopsis: |
- Software section
- Windows XP 32-bit OR Windows XP 64-bit is installed
- Windows XP 32-bit edition is installed
- OR Windows XP 64-bit
- AND A vulnerable version of rpcrt4.dll exists depending on service pack level
- no service pack is installed and rpcrt4.dll is less than 5.1.2600.109
- AND SP1 is installed and the version of rpcrt4.dll is less than 5.1.2600.1254
- AND the patch kb824146 is installed (Hotfix key)
- AND Configuration section
|
