MS03-026 / MS03-039: Buffer Overrun In RPCSS Service Could Allow Code Execution (823980 / 824146)

critical Nessus Plugin ID 11790

Synopsis

Arbitrary code can be executed on the remote host.

Description

The remote host is running a version of Windows affected by several vulnerabilities in its RPC interface and RPCSS Service, that could allow an attacker to execute arbitrary code and gain SYSTEM privileges.

Solution

Microsoft has released a set of patches for Windows NT, 2000, XP and 2003.

See Also

https://docs.microsoft.com/en-us/security-updates/SecurityBulletins/2003/ms03-026

https://docs.microsoft.com/en-us/security-updates/SecurityBulletins/2003/ms03-039

Plugin Details

Severity: Critical

ID: 11790

File Name: smb_nt_ms03-026.nasl

Version: 1.58

Type: local

Agent: windows

Published: 7/17/2003

Updated: 11/15/2018

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: High

Score: 7.3

CVSS v2

Risk Factor: Critical

Base Score: 10

Temporal Score: 8.3

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

CVSS v3

Risk Factor: Critical

Base Score: 9.8

Temporal Score: 9.1

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Temporal Vector: CVSS:3.0/E:F/RL:O/RC:C

Vulnerability Information

CPE: cpe:/o:microsoft:windows

Required KB Items: SMB/MS_Bulletin_Checks/Possible

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 9/10/2003

Vulnerability Publication Date: 7/16/2003

Exploitable With

CANVAS (CANVAS)

Core Impact

Metasploit (MS03-026 Microsoft RPC DCOM Interface Overflow)

Reference Information

CVE: CVE-2003-0352, CVE-2003-0528, CVE-2003-0605, CVE-2003-0715

BID: 8205, 8458, 8459, 8460

CERT: 254236, 326746, 483492, 568148

MSFT: MS03-026, MS03-039

MSKB: 824146