Summary
The remote host is vulnerable to a flaw in ntdll.dll which may allow an attacker to gain system privileges, by exploiting it thru, for instance, WebDAV in IIS5.0 (other services could be exploited, locally and/or remotely)
Note : Microsoft recommends (quoted from advisory) that:
If you have not already applied the MS03-007 patch from this bulletin, Microsoft recommends you apply the MS03-013 patch as it also corrects an additional vulnerability.
Solution
see http://www.microsoft.com/technet/security/bulletin/ms03-007.mspx or http://www.microsoft.com/technet/security/bulletin/MS03-013.mspx
Severity
Classification
-
CVE CVE-2003-0109 -
CVSS Base Score: 7.5
AV:N/AC:L/Au:N/C:P/I:P/A:P
Related Vulnerabilities
- Microsoft DirectShow Remote Code Execution Vulnerability (961373)
- Microsoft Groove Remote Code Execution Vulnerability (2494047)
- Microsoft Internet Explorer Multiple Memory Corruption Vulnerabilities (2870699)
- Checks for MS HOTFIX for snmp buffer overruns
- Microsoft .NET Framework Remote Code Execution Vulnerability (2671605)