Vulnerability Details : CVE-2003-0109
Public exploit exists!
Buffer overflow in ntdll.dll on Microsoft Windows NT 4.0, Windows NT 4.0 Terminal Server Edition, Windows 2000, and Windows XP allows remote attackers to execute arbitrary code, as demonstrated via a WebDAV request to IIS 5.0.
Vulnerability category: OverflowExecute code
Products affected by CVE-2003-0109
- cpe:2.3:o:microsoft:windows_2000:*:sp1:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_2000:*:*:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_2000:*:sp2:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_2000:*:sp3:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_2000_terminal_services:*:sp2:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_2000_terminal_services:*:sp1:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_2000_terminal_services:*:*:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_2000_terminal_services:*:sp3:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2003-0109
97.18%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 100 %
Percentile, the proportion of vulnerabilities that are scored at or less
Metasploit modules for CVE-2003-0109
-
MS03-007 Microsoft IIS 5.0 WebDAV ntdll.dll Path Overflow
Disclosure Date: 2003-05-30First seen: 2020-04-26exploit/windows/iis/ms03_007_ntdll_webdavThis exploits a buffer overflow in NTDLL.dll on Windows 2000 through the SEARCH WebDAV method in IIS. This particular module only works against Windows 2000. It should have a reasonable chance of success against SP0 to SP3. Authors: - hdm <x@hdm.io
CVSS scores for CVE-2003-0109
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
7.5
|
HIGH | AV:N/AC:L/Au:N/C:P/I:P/A:P |
10.0
|
6.4
|
NIST |
References for CVE-2003-0109
-
http://www.securityfocus.com/bid/7116
Microsoft Windows ntdll.dll Buffer Overflow VulnerabilityExploit;Patch;Vendor Advisory
-
http://marc.info/?l=bugtraq&m=104869293619064&w=2
-
http://www.nextgenss.com/papers/ms03-007-ntdll.pdf
-
http://www.iss.net/security_center/static/11533.php
Patch;Vendor Advisory
-
http://microsoft.com/downloads/details.aspx?FamilyId=C9A38D45-5145-4844-B62E-C69D32AC929B&displaylang=en
-
http://marc.info/?l=ntbugtraq&m=104826785731151&w=2
-
http://marc.info/?l=bugtraq&m=104887148323552&w=2
-
http://www.kb.cert.org/vuls/id/117394
US Government Resource
-
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A109
-
http://www.cert.org/advisories/CA-2003-09.html
Patch;Third Party Advisory;US Government Resource
-
http://support.microsoft.com/default.aspx?scid=kb;[LN];Q815021
-
http://marc.info/?l=bugtraq&m=104826476427372&w=2
-
http://marc.info/?l=bugtraq&m=105768156625699&w=2
-
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2003/ms03-007
-
http://marc.info/?l=bugtraq&m=104861839130254&w=2
-
http://www.iss.net/issEn/delivery/xforce/alertdetail.jsp?oid=22029
Patch;Vendor Advisory
Jump to