Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2004-0116

Overview

Vulnerability Score 5.0 5.0
CVE Id CVE-2004-0116
Last Modified 10 Sep 2008 03:25:09
Published 01 Jun 2004 12:00:00
Confidentiality Impact NONE NONE
Integrity Impact NONE NONE
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2004-0116

Summary

An Activation function in the RPCSS Service involved with DCOM activation for Microsoft Windows 2000, XP, and 2003 allows remote attackers to cause a denial of service (memory consumption) via an activation request with a large length field.

Vulnerable Systems

Operating System

  • Microsoft Windows 2000

  • Microsoft Windows 2003 Server R2

  • Microsoft Windows Xp


References

CERT-VN - VU#417052

CERT - TA04-104A

EEYE - AD20040413A

MS - MS04-012

XF - win-rpcss-rpcmessage-dos(15708)

BID - 10127

CIAC - O-115

SECTRACK - 1009758

SECUNIA - 11065


Last Updated: 27 May 2016 10:38:28