CVE-2003-0352

EXPLOITED

Microsoft Windows - Buffer Overflow

Title source: llm

Description

Buffer overflow in a certain DCOM interface for RPC in Microsoft Windows NT 4.0, 2000, XP, and Server 2003 allows remote attackers to execute arbitrary code via a malformed message, as exploited by the Blaster/MSblast/LovSAN and Nachi/Welchia worms.

Exploits (4)

exploitdb WORKING POC VERIFIED

by Metasploit · rubyremotewindows

https://www.exploit-db.com/exploits/16749

View Code ZIP pw:eip

exploitdb WORKING POC VERIFIED

by ey4s · cremotewindows

https://www.exploit-db.com/exploits/100

View Code ZIP pw:eip

exploitdb WRITEUP VERIFIED

by [email protected] · textremotewindows

https://www.exploit-db.com/exploits/22917

View Code ZIP pw:eip

metasploit WORKING POC GREAT

by hdm, spoonm, cazz · rubypocwin

https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/dcerpc/ms03_026_dcom.rb

View Code ZIP pw:eip

References (14)

[Mailing List] http://marc.info/?l=bugtraq&m=105838687731618&w=2

[Mailing List] http://marc.info/?l=bugtraq&m=105914789527294&w=2

[US Government Resource] http://www.cert.org/advisories/CA-2003-16.html

[US Government Resource] http://www.cert.org/advisories/CA-2003-19.html

[US Government Resource] http://www.kb.cert.org/vuls/id/568148

[Exploit, Patch, Vendor Advisory] http://www.securityfocus.com/bid/8205

[Various Sources] http://www.xfocus.org/documents/200307/2.html

[Third Party Advisory, VDB Entry] https://exchange.xforce.ibmcloud.com/vulnerabilities/12629

[Mailing List] http://lists.grok.org.uk/pipermail/full-disclosure/2003-July/007079.html

[Mailing List] http://lists.grok.org.uk/pipermail/full-disclosure/2003-July/007357.html

[Vendor Advisory] https://docs.microsoft.com/en-us/security-updates/securitybulletins/2003/ms03-026

[Third Party Advisory, VDB Entry] https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A194

[Third Party Advisory, VDB Entry] https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2343

[Third Party Advisory, VDB Entry] https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A296

Scores

EPSS 0.9057

EPSS Percentile 99.6%

Details

VulnCheck KEV 2007-09-07

Status published

Products (8)

microsoft/windows_2000 (5 CPE variants)

microsoft/windows_2003_server enterprise

microsoft/windows_2003_server enterprise_64-bit

microsoft/windows_2003_server r2 (2 CPE variants)

microsoft/windows_2003_server standard

microsoft/windows_2003_server web

microsoft/windows_nt 4.0 (32 CPE variants)

microsoft/windows_xp (5 CPE variants)

Published Aug 18, 2003

Tracked Since Feb 18, 2026