MS03-026: Microsoft RPC Interface Buffer Overrun (823980) (uncredentialed check)
Critical Nessus Plugin ID 11808
SynopsisArbitrary code can be executed on the remote host.
DescriptionThe remote version of Windows contains a flaw in the function RemoteActivation() in its RPC interface that could allow an attacker to execute arbitrary code on the remote host with the SYSTEM privileges.
A series of worms (Blaster) are known to exploit this vulnerability in the wild.
SolutionMicrosoft has released patches for Windows NT, 2000, XP, and 2003.