CVE-2003-0813 - Secunia Advisories - Vulnerability Information

CVE Reference: CVE-2003-0813
NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE.

Original Page at CVE MITRE: CVE-2003-0813

Description: A multi-threaded race condition in the Windows RPC DCOM functionality with the MS03-039 patch installed allows remote attackers to cause a denial of service (crash or reboot) by causing two threads to process the same RPC request, which causes one thread to use memory after it has been freed, a different vulnerability than CVE-2003-0352 (Blaster/Nachi), CVE-2003-0715, and CVE-2003-0528, and as demonstrated by certain exploits against those vulnerabilities.

CVE Status: Candidate

References: OVAL http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:893 http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:894 http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:900 NTBUGTRAQ http://marc.theaimsgroup.com/?l=ntbugtraq&m=106580303918155&w=2 MS http://www.microsoft.com/technet/security/bulletin/ms04-012.mspx MISC http://www.securitylab.ru/_exploits/rpc2.c.txt ISS http://xforce.iss.net/xforce/alerts/id/155 FULLDISC http://lists.grok.org.uk/pipermail/full-disclosure/2003-October/011901.html http://lists.grok.org.uk/pipermail/full-disclosure/2003-October/011886.html http://lists.grok.org.uk/pipermail/full-disclosure/2003-October/011870.html CERT-VN 547820 CERT http://www.us-cert.gov/cas/techalerts/TA04-104A.html BUGTRAQ http://marc.theaimsgroup.com/?l=bugtraq&m=106588827513795&w=2 http://marc.theaimsgroup.com/?l=bugtraq&m=106579825211708&w=2 BID 8811

Return to the previous page.