var-200303-0063
Vulnerability from variot
Buffer overflow in ntdll.dll on Microsoft Windows NT 4.0, Windows NT 4.0 Terminal Server Edition, Windows 2000, and Windows XP allows remote attackers to execute arbitrary code, as demonstrated via a WebDAV request to IIS 5.0. This vulnerability, which is being actively exploited on WebDAV-enabled IIS 5.0 servers, will allow a remote attacker to execute arbitrary code on unpatched systems. Sites running Microsoft Windows should apply a patch or disable WebDAV services as soon as possible. The Windows library ntdll.dll includes a function that does not perform sufficient bounds checking. The vulnerability is present in the function "RtlDosPathNameToNtPathName_U" and may be exploited through other programs that use the library if an attack vector permits it. One of these programs is the implementation of WebDAV that ships with IIS 5.0. Several other library functions which call the vulnerable ntdll.dll procedure have been identified. Administrators are advised to patch as other attack vectors are likely to surface. Windows XP does not also include WebDAV by default, but other attack vectors may be possible, especially in cases where the attacker has interactive access to the system. WebDAV may be installed by a user on Windows XP with IIS 5.1, so WebDAV may be a possible means of exploitation in these circumstances. ** Reports suggest that numerous hosts have been scanned in an attempt to exploit this vulnerability. Although unconfirmed, this may be the result of a system of automated attacks. ** It has been reported that this vulnerability is also present in the "RtlGetFullPathName_U" function. The supplied Microsoft patch (Q815021) also corrects this function. ** It has been reported that the W32.Welchia.Worm, described in MCID 1811, is actively exploiting this vulnerability
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200303-0063",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "windows 2000",
"scope": "eq",
"trust": 1.0,
"vendor": "microsoft",
"version": "*"
},
{
"model": "windows 2000 terminal services",
"scope": "eq",
"trust": 1.0,
"vendor": "microsoft",
"version": "*"
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "microsoft",
"version": null
},
{
"model": "iis",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "5.0"
},
{
"model": "windows 2000",
"scope": null,
"trust": 0.8,
"vendor": "microsoft",
"version": null
},
{
"model": "windows nt",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "4.0 (server)"
},
{
"model": "windows nt",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "4.0 (terminal_srv)"
},
{
"model": "windows xp",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "sp3"
},
{
"model": "call manager",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "3.1"
},
{
"model": "windows 2000",
"scope": "eq",
"trust": 0.6,
"vendor": "microsoft",
"version": "sp3"
},
{
"model": "windows 2000 terminal services",
"scope": null,
"trust": 0.6,
"vendor": "microsoft",
"version": null
},
{
"model": "windows 2000 terminal services",
"scope": "eq",
"trust": 0.6,
"vendor": "microsoft",
"version": "sp1"
},
{
"model": "windows 2000 terminal services",
"scope": "eq",
"trust": 0.6,
"vendor": "microsoft",
"version": "sp2"
},
{
"model": "windows 2000 terminal services",
"scope": "eq",
"trust": 0.6,
"vendor": "microsoft",
"version": "sp3"
},
{
"model": "windows 2000",
"scope": "eq",
"trust": 0.6,
"vendor": "microsoft",
"version": "sp2"
},
{
"model": "windows xp professional sp1",
"scope": null,
"trust": 0.3,
"vendor": "microsoft",
"version": null
},
{
"model": "windows xp professional",
"scope": null,
"trust": 0.3,
"vendor": "microsoft",
"version": null
},
{
"model": "windows xp home sp1",
"scope": null,
"trust": 0.3,
"vendor": "microsoft",
"version": null
},
{
"model": "windows xp home",
"scope": null,
"trust": 0.3,
"vendor": "microsoft",
"version": null
},
{
"model": "windows xp 64-bit edition sp1",
"scope": null,
"trust": 0.3,
"vendor": "microsoft",
"version": null
},
{
"model": "windows xp 64-bit edition",
"scope": null,
"trust": 0.3,
"vendor": "microsoft",
"version": null
},
{
"model": "windows nt workstation sp6a",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "4.0"
},
{
"model": "windows nt workstation sp6",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "4.0"
},
{
"model": "windows nt workstation sp5",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "4.0"
},
{
"model": "windows nt workstation sp4",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "4.0"
},
{
"model": "windows nt workstation sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "4.0"
},
{
"model": "windows nt workstation sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "4.0"
},
{
"model": "windows nt workstation sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "4.0"
},
{
"model": "windows nt workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "4.0"
},
{
"model": "windows nt terminal server sp6",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "4.0"
},
{
"model": "windows nt terminal server sp5",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "4.0"
},
{
"model": "windows nt terminal server sp4",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "4.0"
},
{
"model": "windows nt terminal server sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "4.0"
},
{
"model": "windows nt terminal server sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "4.0"
},
{
"model": "windows nt terminal server sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "4.0"
},
{
"model": "windows nt terminal server",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "4.0"
},
{
"model": "windows nt server sp6a",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "4.0"
},
{
"model": "windows nt server sp6",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "4.0"
},
{
"model": "windows nt server sp5",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "4.0"
},
{
"model": "windows nt server sp4",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "4.0"
},
{
"model": "windows nt server sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "4.0"
},
{
"model": "windows nt server sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "4.0"
},
{
"model": "windows nt server sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "4.0"
},
{
"model": "windows nt server",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "4.0"
},
{
"model": "windows nt enterprise server sp6a",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "4.0"
},
{
"model": "windows nt enterprise server sp6",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "4.0"
},
{
"model": "windows nt enterprise server sp5",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "4.0"
},
{
"model": "windows nt enterprise server sp4",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "4.0"
},
{
"model": "windows nt enterprise server sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "4.0"
},
{
"model": "windows nt enterprise server sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "4.0"
},
{
"model": "windows nt enterprise server sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "4.0"
},
{
"model": "windows nt enterprise server",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "4.0"
},
{
"model": "windows terminal services sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2000"
},
{
"model": "windows terminal services sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2000"
},
{
"model": "windows terminal services sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2000"
},
{
"model": "windows terminal services",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2000"
},
{
"model": "windows server sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2000"
},
{
"model": "windows server sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2000"
},
{
"model": "windows server sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2000"
},
{
"model": "windows server",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2000"
},
{
"model": "windows professional sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2000"
},
{
"model": "windows professional sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2000"
},
{
"model": "windows professional sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2000"
},
{
"model": "windows professional",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2000"
},
{
"model": "windows datacenter server sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2000"
},
{
"model": "windows datacenter server sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2000"
},
{
"model": "windows datacenter server sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2000"
},
{
"model": "windows datacenter server",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2000"
},
{
"model": "windows advanced server sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2000"
},
{
"model": "windows advanced server sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2000"
},
{
"model": "windows advanced server sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2000"
},
{
"model": "windows advanced server",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2000"
},
{
"model": "wireless lan solution engine",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "vpn/security management solution",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "voice manager",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "user registration tool",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "uone enterprise edition",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "unity server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "unity server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.3"
},
{
"model": "unity server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.2"
},
{
"model": "unity server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.1"
},
{
"model": "unity server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.0"
},
{
"model": "unity server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.46"
},
{
"model": "unity server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.4"
},
{
"model": "unity server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.3"
},
{
"model": "unity server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.2"
},
{
"model": "unity server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.1"
},
{
"model": "unity server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.0"
},
{
"model": "unity server",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "transport manager",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "trailhead",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "sn storage router sn5428-3.3.2-k9",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5428"
},
{
"model": "sn storage router sn5428-3.3.1-k9",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5428"
},
{
"model": "sn storage router sn5428-3.2.2-k9",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5428"
},
{
"model": "sn storage router sn5428-3.2.1-k9",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5428"
},
{
"model": "sn storage router sn5428-2.5.1-k9",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5428"
},
{
"model": "sn storage router sn5428-2-3.3.2-k9",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5428"
},
{
"model": "sn storage router sn5428-2-3.3.1-k9",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5428"
},
{
"model": "sn storage router",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "54201.1.3"
},
{
"model": "sn storage router",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "54201.1(7)"
},
{
"model": "sn storage router",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "54201.1(5)"
},
{
"model": "sn storage router",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "54201.1(4)"
},
{
"model": "sn storage router",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "54201.1(3)"
},
{
"model": "sn storage router",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "54201.1(2)"
},
{
"model": "small network management solution",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "service management",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "secure scanner",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "secure policy manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.0.1"
},
{
"model": "secure access control server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.2.1"
},
{
"model": "routed wan management",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "qos policy manager",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "personal assistant",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "networking services for active directory",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "network registar",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "media blender",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "lan management solution",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ip/vc video rate matching module",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3540"
},
{
"model": "ip/vc application server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3540"
},
{
"model": "ip telephony environment monitor",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ip contact center express",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ip contact center enterprise",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "internet service node",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "intelligent contact manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.0"
},
{
"model": "intelligent contact manager",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "emergency responder",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "e-mail manager",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "dynamic content adapter",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "docsis cpe configurator",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "customer response application server",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "conference connection",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "collaboration server",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ciscoworks vpn/security management solution",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "call manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.3(3)"
},
{
"model": "call manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.3"
},
{
"model": "call manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.2"
},
{
"model": "call manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.1(2)"
},
{
"model": "call manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.0"
},
{
"model": "call manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.0"
},
{
"model": "call manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1.0"
},
{
"model": "call manager",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "building broadband service manager hotspot",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1.0"
},
{
"model": "building broadband service manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.2"
},
{
"model": "building broadband service manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.1"
},
{
"model": "broadband troubleshooter",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "secure access control server",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "3.2.2"
},
{
"model": "secure access control server",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "3.2(1.20)"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#117394"
},
{
"db": "BID",
"id": "7116"
},
{
"db": "JVNDB",
"id": "JVNDB-2003-000088"
},
{
"db": "CNNVD",
"id": "CNNVD-200303-079"
},
{
"db": "NVD",
"id": "CVE-2003-0109"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:microsoft:iis",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:microsoft:windows_2000",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:microsoft:windows_nt",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:microsoft:windows_xp",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2003-000088"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Microsoft Security Bulletin",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200303-079"
}
],
"trust": 0.6
},
"cve": "CVE-2003-0109",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CVE-2003-0109",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 1.8,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2003-0109",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#117394",
"trust": 0.8,
"value": "78.00"
},
{
"author": "NVD",
"id": "CVE-2003-0109",
"trust": 0.8,
"value": "High"
},
{
"author": "CNNVD",
"id": "CNNVD-200303-079",
"trust": 0.6,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#117394"
},
{
"db": "JVNDB",
"id": "JVNDB-2003-000088"
},
{
"db": "CNNVD",
"id": "CNNVD-200303-079"
},
{
"db": "NVD",
"id": "CVE-2003-0109"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Buffer overflow in ntdll.dll on Microsoft Windows NT 4.0, Windows NT 4.0 Terminal Server Edition, Windows 2000, and Windows XP allows remote attackers to execute arbitrary code, as demonstrated via a WebDAV request to IIS 5.0. This vulnerability, which is being actively exploited on WebDAV-enabled IIS 5.0 servers, will allow a remote attacker to execute arbitrary code on unpatched systems. Sites running Microsoft Windows should apply a patch or disable WebDAV services as soon as possible. The Windows library ntdll.dll includes a function that does not perform sufficient bounds checking. The vulnerability is present in the function \"RtlDosPathNameToNtPathName_U\" and may be exploited through other programs that use the library if an attack vector permits it. One of these programs is the implementation of WebDAV that ships with IIS 5.0. \nSeveral other library functions which call the vulnerable ntdll.dll procedure have been identified. Administrators are advised to patch as other attack vectors are likely to surface. Windows XP does not also include WebDAV by default, but other attack vectors may be possible, especially in cases where the attacker has interactive access to the system. WebDAV may be installed by a user on Windows XP with IIS 5.1, so WebDAV may be a possible means of exploitation in these circumstances. \n** Reports suggest that numerous hosts have been scanned in an attempt to exploit this vulnerability. Although unconfirmed, this may be the result of a system of automated attacks. \n** It has been reported that this vulnerability is also present in the \"RtlGetFullPathName_U\" function. The supplied Microsoft patch (Q815021) also corrects this function. \n** It has been reported that the W32.Welchia.Worm, described in MCID 1811, is actively exploiting this vulnerability",
"sources": [
{
"db": "NVD",
"id": "CVE-2003-0109"
},
{
"db": "CERT/CC",
"id": "VU#117394"
},
{
"db": "JVNDB",
"id": "JVNDB-2003-000088"
},
{
"db": "BID",
"id": "7116"
}
],
"trust": 2.61
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2003-0109",
"trust": 2.7
},
{
"db": "BID",
"id": "7116",
"trust": 2.7
},
{
"db": "CERT/CC",
"id": "VU#117394",
"trust": 2.4
},
{
"db": "JVNDB",
"id": "JVNDB-2003-000088",
"trust": 0.8
},
{
"db": "BUGTRAQ",
"id": "20030328 FATE RESEARCH LABS PRESENTS: ANALYSIS OF THE NTDLL.DLL EXPLOIT",
"trust": 0.6
},
{
"db": "BUGTRAQ",
"id": "20030325 IIS 5.0 WEBDAV -PROOF OF CONCEPT-. FULLY DOCUMENTED.",
"trust": 0.6
},
{
"db": "BUGTRAQ",
"id": "20030326 WEBDAV EXPLOIT: USING WIDE CHARACTER DECODER SCHEME",
"trust": 0.6
},
{
"db": "BUGTRAQ",
"id": "20030321 NEW ATTACK VECTORS AND A VULNERABILITY DISSECTION OF MS03-007",
"trust": 0.6
},
{
"db": "BUGTRAQ",
"id": "20030708 WDAV EXPLOIT WITHOUT NETCAT AND WITH PRETTY MAGIC NUMBER",
"trust": 0.6
},
{
"db": "OVAL",
"id": "OVAL:ORG.MITRE.OVAL:DEF:109",
"trust": 0.6
},
{
"db": "ISS",
"id": "20030317 MICROSOFT IIS WEBDAV REMOTE COMPROMISE VULNERABILITY",
"trust": 0.6
},
{
"db": "CERT/CC",
"id": "CA-2003-09",
"trust": 0.6
},
{
"db": "MSKB",
"id": "Q815021",
"trust": 0.6
},
{
"db": "NTBUGTRAQ",
"id": "20030321 NEW ATTACK VECTORS AND A VULNERABILITY DISSECTION OF MS03-007",
"trust": 0.6
},
{
"db": "MS",
"id": "MS03-007",
"trust": 0.6
},
{
"db": "XF",
"id": "11533",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-200303-079",
"trust": 0.6
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#117394"
},
{
"db": "BID",
"id": "7116"
},
{
"db": "JVNDB",
"id": "JVNDB-2003-000088"
},
{
"db": "CNNVD",
"id": "CNNVD-200303-079"
},
{
"db": "NVD",
"id": "CVE-2003-0109"
}
]
},
"id": "VAR-200303-0063",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 1.0
},
"last_update_date": "2024-11-22T23:15:23.742000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "MS03-007",
"trust": 0.8,
"url": "http://www.microsoft.com/technet/security/bulletin/MS03-007.asp"
},
{
"title": "MS03-007",
"trust": 0.8,
"url": "http://www.microsoft.com/japan/technet/security/bulletin/MS03-007.mspx"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2003-000088"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-Other",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2003-0109"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 3.4,
"url": "http://microsoft.com/downloads/details.aspx?familyid=c9a38d45-5145-4844-b62e-c69d32ac929b\u0026displaylang=en"
},
{
"trust": 3.4,
"url": "http://www.nextgenss.com/papers/ms03-007-ntdll.pdf"
},
{
"trust": 3.4,
"url": "http://www.cert.org/advisories/ca-2003-09.html"
},
{
"trust": 3.4,
"url": "http://www.securityfocus.com/bid/7116"
},
{
"trust": 3.4,
"url": "http://www.iss.net/issen/delivery/xforce/alertdetail.jsp?oid=22029"
},
{
"trust": 2.6,
"url": "http://www.kb.cert.org/vuls/id/117394"
},
{
"trust": 2.6,
"url": "http://www.iss.net/security_center/static/11533.php"
},
{
"trust": 2.0,
"url": "http://marc.info/?l=bugtraq\u0026m=104826476427372\u0026w=2"
},
{
"trust": 2.0,
"url": "http://marc.info/?l=bugtraq\u0026m=104861839130254\u0026w=2"
},
{
"trust": 2.0,
"url": "http://marc.info/?l=bugtraq\u0026m=104869293619064\u0026w=2"
},
{
"trust": 2.0,
"url": "http://marc.info/?l=bugtraq\u0026m=104887148323552\u0026w=2"
},
{
"trust": 2.0,
"url": "http://marc.info/?l=bugtraq\u0026m=105768156625699\u0026w=2"
},
{
"trust": 2.0,
"url": "http://marc.info/?l=ntbugtraq\u0026m=104826785731151\u0026w=2"
},
{
"trust": 2.0,
"url": "http://support.microsoft.com/default.aspx?scid=kb%3b%5bln%5d%3bq815021"
},
{
"trust": 2.0,
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2003/ms03-007"
},
{
"trust": 2.0,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a109"
},
{
"trust": 1.9,
"url": "http://www.microsoft.com/technet/treeview/default.asp?url=/technet/security/bulletin/ms03-007.asp"
},
{
"trust": 0.8,
"url": "http://www.microsoft.com/windows2000/technologies/web/default.asp"
},
{
"trust": 0.8,
"url": "http://www.ietf.org/rfc/rfc2518.txt"
},
{
"trust": 0.8,
"url": "http://www.microsoft.com/downloads/release.asp?releaseid=43955"
},
{
"trust": 0.8,
"url": "http://support.microsoft.com/default.aspx?scid=kb;en-us;241520"
},
{
"trust": 0.8,
"url": "http://support.microsoft.com/default.aspx?scid=kb;%5bln%5d;326444"
},
{
"trust": 0.8,
"url": "http://go.microsoft.com/fwlink/?linkid=14875"
},
{
"trust": 0.8,
"url": "http://support.microsoft.com/default.aspx?scid=kb;en-us;816930"
},
{
"trust": 0.8,
"url": "http://support.microsoft.com/default.aspx?scid=kb;en-us;260694"
},
{
"trust": 0.8,
"url": "http://www.lurhq.com/webdav.html"
},
{
"trust": 0.8,
"url": "http://www.ciac.org/ciac/bulletins/n-054.shtml"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2003-0109"
},
{
"trust": 0.8,
"url": "http://www.ipa.go.jp/security/ciadr/vul/20030318iiswebdav.html"
},
{
"trust": 0.8,
"url": "http://www.jpcert.or.jp/wr/2003/wr031201.txt"
},
{
"trust": 0.8,
"url": "http://www.jpcert.or.jp/wr/2003/wr031701.txt"
},
{
"trust": 0.8,
"url": "http://www.jpcert.or.jp/at/2003/at030003.txt"
},
{
"trust": 0.8,
"url": "http://jvn.jp/cert/jvnca-2003-09"
},
{
"trust": 0.8,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2003-0109"
},
{
"trust": 0.8,
"url": "http://www.symantec.com/region/jp/sarcj/data/w/w32.welchia.b.worm.html"
},
{
"trust": 0.8,
"url": "http://www.isskk.co.jp/support/techinfo/general/webdav_iis_xforce.html"
},
{
"trust": 0.8,
"url": "http://www.cyberpolice.go.jp/important/20030318_155635.html"
},
{
"trust": 0.8,
"url": "http://www.cyberpolice.go.jp/important/20030329_162146.html"
},
{
"trust": 0.6,
"url": "http://www.microsoft.com/technet/security/bulletin/ms03-007.asp"
},
{
"trust": 0.6,
"url": "http://support.microsoft.com/default.aspx?scid=kb;%5bln%5d;q815021"
},
{
"trust": 0.6,
"url": "http://marc.theaimsgroup.com/?l=ntbugtraq\u0026m=104826785731151\u0026w=2"
},
{
"trust": 0.6,
"url": "http://marc.theaimsgroup.com/?l=bugtraq\u0026m=105768156625699\u0026w=2"
},
{
"trust": 0.6,
"url": "http://marc.theaimsgroup.com/?l=bugtraq\u0026m=104887148323552\u0026w=2"
},
{
"trust": 0.6,
"url": "http://marc.theaimsgroup.com/?l=bugtraq\u0026m=104869293619064\u0026w=2"
},
{
"trust": 0.6,
"url": "http://marc.theaimsgroup.com/?l=bugtraq\u0026m=104861839130254\u0026w=2"
},
{
"trust": 0.6,
"url": "http://marc.theaimsgroup.com/?l=bugtraq\u0026m=104826476427372\u0026w=2"
},
{
"trust": 0.6,
"url": "http://oval.mitre.org/repository/data/getdef?id=oval:org.mitre.oval:def:109"
},
{
"trust": 0.3,
"url": "http://www.cisco.com/warp/public/707/cisco-sn-20030820-nachi.shtml"
},
{
"trust": 0.3,
"url": "http://support.microsoft.com/default.aspx?scid=kb%3ben-us%3b241520"
},
{
"trust": 0.3,
"url": "http://support.coresecurity.com/impact/exploits/c369522bc8e35de72c8875bfbd218985.html"
},
{
"trust": 0.3,
"url": "http://www.securityfocus.com/archive/88/315375"
},
{
"trust": 0.3,
"url": "http://www.msnbc.com/news/886524.asp?0cv=cb10"
},
{
"trust": 0.3,
"url": "/archive/1/323508"
},
{
"trust": 0.3,
"url": "/archive/1/316228"
},
{
"trust": 0.3,
"url": "/archive/1/323441"
},
{
"trust": 0.3,
"url": "/archive/1/315845"
},
{
"trust": 0.3,
"url": "/archive/1/316304"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#117394"
},
{
"db": "BID",
"id": "7116"
},
{
"db": "JVNDB",
"id": "JVNDB-2003-000088"
},
{
"db": "CNNVD",
"id": "CNNVD-200303-079"
},
{
"db": "NVD",
"id": "CVE-2003-0109"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#117394"
},
{
"db": "BID",
"id": "7116"
},
{
"db": "JVNDB",
"id": "JVNDB-2003-000088"
},
{
"db": "CNNVD",
"id": "CNNVD-200303-079"
},
{
"db": "NVD",
"id": "CVE-2003-0109"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2003-03-17T00:00:00",
"db": "CERT/CC",
"id": "VU#117394"
},
{
"date": "2003-03-17T00:00:00",
"db": "BID",
"id": "7116"
},
{
"date": "2007-04-01T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2003-000088"
},
{
"date": "2003-03-31T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200303-079"
},
{
"date": "2003-03-31T05:00:00",
"db": "NVD",
"id": "CVE-2003-0109"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2003-05-30T00:00:00",
"db": "CERT/CC",
"id": "VU#117394"
},
{
"date": "2009-07-11T21:06:00",
"db": "BID",
"id": "7116"
},
{
"date": "2007-04-01T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2003-000088"
},
{
"date": "2005-10-20T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200303-079"
},
{
"date": "2024-11-20T23:43:58.697000",
"db": "NVD",
"id": "CVE-2003-0109"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200303-079"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Buffer Overflow in Core Microsoft Windows DLL",
"sources": [
{
"db": "CERT/CC",
"id": "VU#117394"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Boundary Condition Error",
"sources": [
{
"db": "BID",
"id": "7116"
},
{
"db": "CNNVD",
"id": "CNNVD-200303-079"
}
],
"trust": 0.9
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.