MS03-039 Buffer Overrun In RPCSS Service

Discussion in 'News' started by SimonV, Sep 10, 2003.

  1. SimonV
    Honorary Member

    SimonV Petabyte Poster Gold Member

    [​IMG]<font size="3">MS03-039 Buffer Overrun In RPCSS Service</font>

    Remote Procedure Call (RPC) is a protocol used by the Windows operating system. RPC provides an inter-process communication mechanism that allows a program running on one computer to seamlessly access services on another computer. The protocol itself is derived from the Open Software Foundation (OSF) RPC protocol, but with the addition of some Microsoft specific extensions.

    There are three identified vulnerabilities in the part of RPCSS Service that deals with RPC messages for DCOM activation¬ó two that could allow arbitrary code execution and one that could result in a denial of service. The flaws result from incorrect handling of malformed messages. These particular vulnerabilities affect the Distributed Component Object Model (DCOM) interface within the RPCSS Service. This interface handles DCOM object activation requests that are sent from one machine to another.

    View: Microsoft Knowledge Base article (824146)
    News source: MS03-039: Buffer Overrun In RPCSS Service Could Allow Code Execution
    Certifications: MOS Master 2003, CompTIA A+, MCSA:M, MCSE
    WIP: Keeping CF Alive...


    Share This Page

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.