CVE-2003-0605 - Vulnerability Details - OpenCVE

The RPC DCOM interface in Windows 2000 SP3 and SP4 allows remote attackers to cause a denial of service (crash), and local attackers to use the DoS to hijack the epmapper pipe to gain privileges, via certain messages to the __RemoteGetClassObject interface that cause a NULL pointer to be passed to the PerformScmStage function.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact Partial

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Microsoft	Windows 2000

Configuration 1 [-]

OR	cpe:2.3:o:microsoft:windows_2000::::::::
	cpe:2.3:o:microsoft:windows_2000::sp1::::::*
	cpe:2.3:o:microsoft:windows_2000::sp2::::::*
	cpe:2.3:o:microsoft:windows_2000::sp3::::::*
	cpe:2.3:o:microsoft:windows_2000::sp4::::::*

No data.

References

Link	Providers
http://lists.grok.org.uk/pipermail/full-disclosure/2003-July/006851.html
http://marc.info/?l=bugtraq&m=105880332428706&w=2
http://www.cert.org/advisories/CA-2003-19.html
http://www.cert.org/advisories/CA-2003-23.html
http://www.kb.cert.org/vuls/id/326746
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2003/ms03-039
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1118
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A494

History

No history.

MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2003-07-29T04:00:00

Updated: 2024-08-08T01:58:11.105Z

Reserved: 2003-07-25T00:00:00

Link: CVE-2003-0605

Vulnrichment

No data.

NVD

Status : Deferred

Published: 2003-08-27T04:00:00.000

Modified: 2025-04-03T01:03:51.193

Link: CVE-2003-0605

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2003-07-21T00:00:00", "descriptions": [{"lang": "en", "value": "The RPC DCOM interface in Windows 2000 SP3 and SP4 allows remote attackers to cause a denial of service (crash), and local attackers to use the DoS to hijack the epmapper pipe to gain privileges, via certain messages to the __RemoteGetClassObject interface that cause a NULL pointer to be passed to the PerformScmStage function."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2018-10-12T19:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "20030720 Microsoft Windows 2000 RPC DCOM Interface DOS AND Privilege Escalation Vulnerability", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "http://marc.info/?l=bugtraq&m=105880332428706&w=2"}, {"name": "20030721 Microsoft Windows 2000 RPC DCOM Interface DOS AND Privilege Escalation Vulnerability", "tags": ["mailing-list", "x_refsource_FULLDISC"], "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2003-July/006851.html"}, {"name": "CA-2003-23", "tags": ["third-party-advisory", "x_refsource_CERT"], "url": "http://www.cert.org/advisories/CA-2003-23.html"}, {"name": "oval:org.mitre.oval:def:494", "tags": ["vdb-entry", "signature", "x_refsource_OVAL"], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A494"}, {"name": "oval:org.mitre.oval:def:1118", "tags": ["vdb-entry", "signature", "x_refsource_OVAL"], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1118"}, {"name": "CA-2003-19", "tags": ["third-party-advisory", "x_refsource_CERT"], "url": "http://www.cert.org/advisories/CA-2003-19.html"}, {"name": "VU#326746", "tags": ["third-party-advisory", "x_refsource_CERT-VN"], "url": "http://www.kb.cert.org/vuls/id/326746"}, {"name": "MS03-039", "tags": ["vendor-advisory", "x_refsource_MS"], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2003/ms03-039"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2003-0605", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "The RPC DCOM interface in Windows 2000 SP3 and SP4 allows remote attackers to cause a denial of service (crash), and local attackers to use the DoS to hijack the epmapper pipe to gain privileges, via certain messages to the __RemoteGetClassObject interface that cause a NULL pointer to be passed to the PerformScmStage function."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "20030720 Microsoft Windows 2000 RPC DCOM Interface DOS AND Privilege Escalation Vulnerability", "refsource": "BUGTRAQ", "url": "http://marc.info/?l=bugtraq&m=105880332428706&w=2"}, {"name": "20030721 Microsoft Windows 2000 RPC DCOM Interface DOS AND Privilege Escalation Vulnerability", "refsource": "FULLDISC", "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2003-July/006851.html"}, {"name": "CA-2003-23", "refsource": "CERT", "url": "http://www.cert.org/advisories/CA-2003-23.html"}, {"name": "oval:org.mitre.oval:def:494", "refsource": "OVAL", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A494"}, {"name": "oval:org.mitre.oval:def:1118", "refsource": "OVAL", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1118"}, {"name": "CA-2003-19", "refsource": "CERT", "url": "http://www.cert.org/advisories/CA-2003-19.html"}, {"name": "VU#326746", "refsource": "CERT-VN", "url": "http://www.kb.cert.org/vuls/id/326746"}, {"name": "MS03-039", "refsource": "MS", "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2003/ms03-039"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-08T01:58:11.105Z"}, "title": "CVE Program Container", "references": [{"name": "20030720 Microsoft Windows 2000 RPC DCOM Interface DOS AND Privilege Escalation Vulnerability", "tags": ["mailing-list", "x_refsource_BUGTRAQ", "x_transferred"], "url": "http://marc.info/?l=bugtraq&m=105880332428706&w=2"}, {"name": "20030721 Microsoft Windows 2000 RPC DCOM Interface DOS AND Privilege Escalation Vulnerability", "tags": ["mailing-list", "x_refsource_FULLDISC", "x_transferred"], "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2003-July/006851.html"}, {"name": "CA-2003-23", "tags": ["third-party-advisory", "x_refsource_CERT", "x_transferred"], "url": "http://www.cert.org/advisories/CA-2003-23.html"}, {"name": "oval:org.mitre.oval:def:494", "tags": ["vdb-entry", "signature", "x_refsource_OVAL", "x_transferred"], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A494"}, {"name": "oval:org.mitre.oval:def:1118", "tags": ["vdb-entry", "signature", "x_refsource_OVAL", "x_transferred"], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1118"}, {"name": "CA-2003-19", "tags": ["third-party-advisory", "x_refsource_CERT", "x_transferred"], "url": "http://www.cert.org/advisories/CA-2003-19.html"}, {"name": "VU#326746", "tags": ["third-party-advisory", "x_refsource_CERT-VN", "x_transferred"], "url": "http://www.kb.cert.org/vuls/id/326746"}, {"name": "MS03-039", "tags": ["vendor-advisory", "x_refsource_MS", "x_transferred"], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2003/ms03-039"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2003-0605", "datePublished": "2003-07-29T04:00:00", "dateReserved": "2003-07-25T00:00:00", "dateUpdated": "2024-08-08T01:58:11.105Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:microsoft:windows_2000:*:*:*:*:*:*:*:*", "matchCriteriaId": "4E545C63-FE9C-4CA1-AF0F-D999D84D2AFD", "vulnerable": true}, {"criteria": "cpe:2.3:o:microsoft:windows_2000:*:sp1:*:*:*:*:*:*", "matchCriteriaId": "294EBA01-147B-4DA0-937E-ACBB655EDE53", "vulnerable": true}, {"criteria": "cpe:2.3:o:microsoft:windows_2000:*:sp2:*:*:*:*:*:*", "matchCriteriaId": "4E8B7346-F2AA-434C-A048-7463EC1BB117", "vulnerable": true}, {"criteria": "cpe:2.3:o:microsoft:windows_2000:*:sp3:*:*:*:*:*:*", "matchCriteriaId": "BE1A6107-DE00-4A1C-87FC-9E4015165B5B", "vulnerable": true}, {"criteria": "cpe:2.3:o:microsoft:windows_2000:*:sp4:*:*:*:*:*:*", "matchCriteriaId": "83E7C4A0-78CF-4B56-82BF-EC932BDD8ADF", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "The RPC DCOM interface in Windows 2000 SP3 and SP4 allows remote attackers to cause a denial of service (crash), and local attackers to use the DoS to hijack the epmapper pipe to gain privileges, via certain messages to the __RemoteGetClassObject interface that cause a NULL pointer to be passed to the PerformScmStage function."}, {"lang": "es", "value": "El interfaz RPC DCOM en Windows 2000 SP3 y SP4 permite a atacantes remotos causar una denegaci\u00f3 de servicio (ca\u00edda), y a atacantes locales usar la DoS para secuestrar la tuber\u00eda epmapper para ganar privilegios, mediante ciertos mensajes al interfaz __RemoteGetClassObject que causar que un puntero nulo sea pasado a la funci\u00f3n PerformScmStage."}], "id": "CVE-2003-0605", "lastModified": "2025-04-03T01:03:51.193", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": true, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2003-08-27T04:00:00.000", "references": [{"source": "cve@mitre.org", "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2003-July/006851.html"}, {"source": "cve@mitre.org", "url": "http://marc.info/?l=bugtraq&m=105880332428706&w=2"}, {"source": "cve@mitre.org", "tags": ["US Government Resource"], "url": "http://www.cert.org/advisories/CA-2003-19.html"}, {"source": "cve@mitre.org", "tags": ["US Government Resource"], "url": "http://www.cert.org/advisories/CA-2003-23.html"}, {"source": "cve@mitre.org", "tags": ["US Government Resource"], "url": "http://www.kb.cert.org/vuls/id/326746"}, {"source": "cve@mitre.org", "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2003/ms03-039"}, {"source": "cve@mitre.org", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1118"}, {"source": "cve@mitre.org", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A494"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2003-July/006851.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://marc.info/?l=bugtraq&m=105880332428706&w=2"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["US Government Resource"], "url": "http://www.cert.org/advisories/CA-2003-19.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["US Government Resource"], "url": "http://www.cert.org/advisories/CA-2003-23.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["US Government Resource"], "url": "http://www.kb.cert.org/vuls/id/326746"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2003/ms03-039"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1118"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A494"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-Other"}], "source": "nvd@nist.gov", "type": "Primary"}]}