Reported July 16, 2003, by Microsoft.

VERSIONS AFFECTED

  • Windows Server 2003, Windows XP, Windows 2000, Windows NT 4.0 Terminal Server Edition, Windows NT4.0

DESCRIPTION

A buffer overrun condition in the RPC interface can result in the execution of arbitrary code on the vulnerable computer. This condition stems from a flaw in the way malformed messages are handled. By exploiting this flaw, an attacker would be able to run code with Local System privileges on the vulnerable system. The attacker would be able to take any action on the system, including installing programs; viewing, changing, or deleting data; and creating new accounts with full privileges.

VENDOR RESPONSE

Microsoft has released security bulletin MS03-026, "Buffer Overrun In RPC Interface Could Allow Code Execution," which addresses this vulnerability, and recommends that affected users apply the appropriate patch listed in the bulletin.

CREDIT

Discovered by The Last Stage of Delirium Research Group.