CVE-2003-0109

Buffer overflow in ntdll.dll on Microsoft Windows NT 4.0, Windows NT 4.0 Terminal Server Edition, Windows 2000, and Windows XP allows remote attackers to execute arbitrary code, as demonstrated via a WebDAV request to IIS 5.0.

CVSS v2.0 7.5 HIGH

7.5^/10

CVSS v2.0 : HIGH

V2 Legend

Vector : AV:N/AC:L/Au:N/C:P/I:P/A:P

Exploitability : 10.0 / Impact : 6.4

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact PARTIAL

Integrity Impact PARTIAL

Availability Impact PARTIAL

References

Link	Resource
http://www.iss.net/issEn/delivery/xforce/alertdetail.jsp?oid=22029	Patch Vendor Advisory
http://www.cert.org/advisories/CA-2003-09.html	Patch Third Party Advisory US Government Resource
http://www.iss.net/security_center/static/11533.php	Patch Vendor Advisory
http://www.securityfocus.com/bid/7116	Exploit Patch Vendor Advisory
http://www.nextgenss.com/papers/ms03-007-ntdll.pdf
http://www.kb.cert.org/vuls/id/117394	US Government Resource
http://microsoft.com/downloads/details.aspx?FamilyId=C9A38D45-5145-4844-B62E-C69D32AC929B&displaylang=en
http://marc.info/?l=bugtraq&m=104869293619064&w=2
http://marc.info/?l=bugtraq&m=104887148323552&w=2
http://marc.info/?l=bugtraq&m=105768156625699&w=2
http://marc.info/?l=bugtraq&m=104861839130254&w=2
http://marc.info/?l=bugtraq&m=104826476427372&w=2
http://marc.info/?l=ntbugtraq&m=104826785731151&w=2
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A109
http://support.microsoft.com/default.aspx?scid=kb;[LN];Q815021
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2003/ms03-007

Configurations

Configuration 1 (hide)

OR	cpe:2.3:o:microsoft:windows_2000::::::::
	cpe:2.3:o:microsoft:windows_2000::sp2::::::*
	cpe:2.3:o:microsoft:windows_2000_terminal_services::::::::
	cpe:2.3:o:microsoft:windows_2000_terminal_services::sp1::::::*
	cpe:2.3:o:microsoft:windows_2000_terminal_services::sp2::::::*
	cpe:2.3:o:microsoft:windows_2000_terminal_services::sp3::::::*
	cpe:2.3:o:microsoft:windows_2000::sp1::::::*
	cpe:2.3:o:microsoft:windows_2000::sp3::::::*

Information

Published : 2003-03-30 21:00

Updated : 2019-04-30 07:27

NVD link : CVE-2003-0109

Mitre link : CVE-2003-0109

JSON object : View

CWE

NVD-CWE-Other

Products Affected

microsoft

windows_2000_terminal_services
windows_2000

{"cve": {"data_type": "CVE", "references": {"reference_data": [{"url": "http://www.iss.net/issEn/delivery/xforce/alertdetail.jsp?oid=22029", "name": "20030317 Microsoft IIS WebDAV Remote Compromise Vulnerability", "tags": ["Patch", "Vendor Advisory"], "refsource": "ISS"}, {"url": "http://www.cert.org/advisories/CA-2003-09.html", "name": "CA-2003-09", "tags": ["Patch", "Third Party Advisory", "US Government Resource"], "refsource": "CERT"}, {"url": "http://www.iss.net/security_center/static/11533.php", "name": "http-webdav-long-request(11533)", "tags": ["Patch", "Vendor Advisory"], "refsource": "XF"}, {"url": "http://www.securityfocus.com/bid/7116", "name": "7116", "tags": ["Exploit", "Patch", "Vendor Advisory"], "refsource": "BID"}, {"url": "http://www.nextgenss.com/papers/ms03-007-ntdll.pdf", "name": "http://www.nextgenss.com/papers/ms03-007-ntdll.pdf", "tags": [], "refsource": "MISC"}, {"url": "http://www.kb.cert.org/vuls/id/117394", "name": "VU#117394", "tags": ["US Government Resource"], "refsource": "CERT-VN"}, {"url": "http://microsoft.com/downloads/details.aspx?FamilyId=C9A38D45-5145-4844-B62E-C69D32AC929B&displaylang=en", "name": "http://microsoft.com/downloads/details.aspx?FamilyId=C9A38D45-5145-4844-B62E-C69D32AC929B&displaylang=en", "tags": [], "refsource": "CONFIRM"}, {"url": "http://marc.info/?l=bugtraq&m=104869293619064&w=2", "name": "20030326 WebDAV exploit: using wide character decoder scheme", "tags": [], "refsource": "BUGTRAQ"}, {"url": "http://marc.info/?l=bugtraq&m=104887148323552&w=2", "name": "20030328 Fate Research Labs Presents: Analysis of the NTDLL.DLL Exploit", "tags": [], "refsource": "BUGTRAQ"}, {"url": "http://marc.info/?l=bugtraq&m=105768156625699&w=2", "name": "20030708 WDAV exploit without netcat and with pretty magic number", "tags": [], "refsource": "BUGTRAQ"}, {"url": "http://marc.info/?l=bugtraq&m=104861839130254&w=2", "name": "20030325 IIS 5.0 WebDAV -Proof of concept-. Fully documented.", "tags": [], "refsource": "BUGTRAQ"}, {"url": "http://marc.info/?l=bugtraq&m=104826476427372&w=2", "name": "20030321 New attack vectors and a vulnerability dissection of MS03-007", "tags": [], "refsource": "BUGTRAQ"}, {"url": "http://marc.info/?l=ntbugtraq&m=104826785731151&w=2", "name": "20030321 New attack vectors and a vulnerability dissection of MS03-007", "tags": [], "refsource": "NTBUGTRAQ"}, {"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A109", "name": "oval:org.mitre.oval:def:109", "tags": [], "refsource": "OVAL"}, {"url": "http://support.microsoft.com/default.aspx?scid=kb;[LN];Q815021", "name": "Q815021", "tags": [], "refsource": "MSKB"}, {"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2003/ms03-007", "name": "MS03-007", "tags": [], "refsource": "MS"}]}, "data_format": "MITRE", "description": {"description_data": [{"lang": "en", "value": "Buffer overflow in ntdll.dll on Microsoft Windows NT 4.0, Windows NT 4.0 Terminal Server Edition, Windows 2000, and Windows XP allows remote attackers to execute arbitrary code, as demonstrated via a WebDAV request to IIS 5.0."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "en", "value": "NVD-CWE-Other"}]}]}, "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2003-0109", "ASSIGNER": "cve@mitre.org"}}, "impact": {"baseMetricV2": {"cvssV2": {"version": "2.0", "baseScore": 7.5, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "LOW", "availabilityImpact": "PARTIAL", "confidentialityImpact": "PARTIAL"}, "severity": "HIGH", "impactScore": 6.4, "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": true, "userInteractionRequired": false}}, "publishedDate": "2003-03-31T05:00Z", "configurations": {"nodes": [{"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:o:microsoft:windows_2000:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:microsoft:windows_2000:*:sp2:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:microsoft:windows_2000_terminal_services:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:microsoft:windows_2000_terminal_services:*:sp1:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:microsoft:windows_2000_terminal_services:*:sp2:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:microsoft:windows_2000_terminal_services:*:sp3:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:microsoft:windows_2000:*:sp1:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:microsoft:windows_2000:*:sp3:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}]}], "CVE_data_version": "4.0"}, "lastModifiedDate": "2019-04-30T14:27Z"}

7.5 /10