MS03-039: Microsoft Windows RPC DCOM Interface epmapper Pipe Hijack Local Privilege Escalation (824146) (intrusive check)

high Nessus Plugin ID 11798

Synopsis

The remote Windows host has a denial of service vulnerability that may lead to privilege escalation.

Description

It is possible to disable the remote RPC DCOM interface by sending it a malformed request. The system will need to be rebooted to recover. A remote attacker could exploit this flaw to remotely disable RPC-related programs on this host.

If a denial of service attack is successful, a local attacker could escalate privileges by hijacking the epmapper pipe.

Solution

Microsoft has released a set of patches for Windows NT, 2000, XP, and 2003.

See Also

http://www.nessus.org/u?5a98a71a

https://docs.microsoft.com/en-us/security-updates/SecurityBulletins/2003/ms03-039

Plugin Details

Severity: High

ID: 11798

File Name: dcom_rpc_dos.nasl

Version: 1.44

Type: remote

Agent: windows

Family: Windows

Published: 7/22/2003

Updated: 11/15/2018

Configuration: Enable paranoid mode

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 6.3

CVSS v2

Risk Factor: High

Base Score: 7.8

Temporal Score: 6.1

Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C

Vulnerability Information

CPE: cpe:/o:microsoft:windows

Required KB Items: Settings/ParanoidReport

Exploit Available: true

Exploit Ease: Exploits are available

Vulnerability Publication Date: 7/20/2003

Reference Information

CVE: CVE-2003-0605

BID: 8234, 8460

MSFT: MS03-039

MSKB: 824146