ID CVE-2004-0116
Summary An Activation function in the RPCSS Service involved with DCOM activation for Microsoft Windows 2000, XP, and 2003 allows remote attackers to cause a denial of service (memory consumption) via an activation request with a large length field.
References
Vulnerable Configurations
  • Microsoft Windows 2000
    cpe:2.3:o:microsoft:windows_2000
  • cpe:2.3:o:microsoft:windows_2003_server:r2
    cpe:2.3:o:microsoft:windows_2003_server:r2
  • Microsoft windows xp_gold
    cpe:2.3:o:microsoft:windows_xp:-:gold
CVSS
Base: 5.0 (as of 01-01-2004 - 00:00)
Impact:
Exploitability:
Access
VectorComplexityAuthentication
NETWORK LOW NONE
Impact
ConfidentialityIntegrityAvailability
NONE NONE PARTIAL
nessus via4
  • NASL family Windows : Microsoft Bulletins
    NASL id SMB_NT_MS04-012.NASL
    description The remote host has multiple bugs in its RPC/DCOM implementation (828741). An attacker could exploit one of these flaws to execute arbitrary code on the remote system.
    last seen 2019-02-21
    modified 2018-11-15
    plugin id 12206
    published 2004-04-13
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=12206
    title MS04-012: Microsoft Hotfix (credentialed check) (828741)
  • NASL family Windows
    NASL id SMB_KB828741.NASL
    description The remote host has multiple bugs in its RPC/DCOM implementation (828741). An attacker may exploit one of these flaws to execute arbitrary code on the remote system.
    last seen 2019-02-21
    modified 2018-11-15
    plugin id 21655
    published 2007-03-16
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=21655
    title MS04-012: Cumulative Update for Microsoft RPC/DCOM (828741) (uncredentialed check)
oval via4
  • accepted 2011-05-16T04:03:37.564-04:00
    class vulnerability
    contributors
    • name Christine Walzer
      organization The MITRE Corporation
    • name Shane Shaffer
      organization G2, Inc.
    • name Sudhir Gandhe
      organization Telos
    • name Shane Shaffer
      organization G2, Inc.
    description An Activation function in the RPCSS Service involved with DCOM activation for Microsoft Windows 2000, XP, and 2003 allows remote attackers to cause a denial of service (memory consumption) via an activation request with a large length field.
    family windows
    id oval:org.mitre.oval:def:955
    status accepted
    submitted 2004-04-20T12:00:00.000-04:00
    title Windows 2000 RPCSS Service DCOM Activation Denial of Service
    version 68
  • accepted 2014-07-14T04:01:31.800-04:00
    class vulnerability
    contributors
    • name Christine Walzer
      organization The MITRE Corporation
    • name Christine Walzer
      organization The MITRE Corporation
    • name Maria Mikhno
      organization ALTX-SOFT
    definition_extensions
    comment Microsoft Windows Server 2003 is installed
    oval oval:org.mitre.oval:def:128
    description An Activation function in the RPCSS Service involved with DCOM activation for Microsoft Windows 2000, XP, and 2003 allows remote attackers to cause a denial of service (memory consumption) via an activation request with a large length field.
    family windows
    id oval:org.mitre.oval:def:957
    status accepted
    submitted 2004-04-20T12:00:00.000-04:00
    title Server 2003 RPCSS Service DCOM Activation Denial of Service
    version 68
  • accepted 2015-08-10T04:01:12.307-04:00
    class vulnerability
    contributors
    • name Christine Walzer
      organization The MITRE Corporation
    • name Christine Walzer
      organization The MITRE Corporation
    • name Shane Shaffer
      organization G2, Inc.
    • name Sudhir Gandhe
      organization Telos
    • name Shane Shaffer
      organization G2, Inc.
    • name Maria Mikhno
      organization ALTX-SOFT
    definition_extensions
    • comment Microsoft Windows XP (32-bit) is installed
      oval oval:org.mitre.oval:def:1353
    • comment Microsoft Windows XP SP1 (32-bit) is installed
      oval oval:org.mitre.oval:def:1
    description An Activation function in the RPCSS Service involved with DCOM activation for Microsoft Windows 2000, XP, and 2003 allows remote attackers to cause a denial of service (memory consumption) via an activation request with a large length field.
    family windows
    id oval:org.mitre.oval:def:958
    status accepted
    submitted 2004-04-20T12:00:00.000-04:00
    title Windows XP RPCSS Service DCOM Activation Denial of Service
    version 74
refmap via4
bid 10127
cert TA04-104A
cert-vn VU#417052
ciac O-115
eeye AD20040413A
ms MS04-012
sectrack 1009758
secunia 11065
xf win-rpcss-rpcmessage-dos(15708)
Last major update 10-09-2008 - 15:25
Published 01-06-2004 - 00:00
Last modified 12-10-2018 - 17:33
Back to Top