Vulnerability Details : CVE-2003-0533
Public exploit exists!
Stack-based buffer overflow in certain Active Directory service functions in LSASRV.DLL of the Local Security Authority Subsystem Service (LSASS) in Microsoft Windows NT 4.0 SP6a, 2000 SP2 through SP4, XP SP1, Server 2003, NetMeeting, Windows 98, and Windows ME, allows remote attackers to execute arbitrary code via a packet that causes the DsRolerUpgradeDownlevelServer function to create long debug entries for the DCPROMO.LOG log file, as exploited by the Sasser worm.
Vulnerability category: OverflowExecute code
Products affected by CVE-2003-0533
- cpe:2.3:o:microsoft:windows_nt:4.0:sp6a:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_2000:*:sp4:*:fr:*:*:*:*
- cpe:2.3:o:microsoft:windows_2000:*:sp2:*:*:*:*:*:*
- cpe:2.3:a:microsoft:netmeeting:*:*:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_98:*:gold:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_xp:*:sp1:tablet_pc:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_me:*:*:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_2003_server:r2:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2003-0533
97.26%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 100 %
Percentile, the proportion of vulnerabilities that are scored at or less
Metasploit modules for CVE-2003-0533
-
MS04-011 Microsoft LSASS Service DsRolerUpgradeDownlevelServer Overflow
Disclosure Date: 2004-04-13First seen: 2020-04-26exploit/windows/smb/ms04_011_lsassThis module exploits a stack buffer overflow in the LSASS service, this vulnerability was originally found by eEye. When re-exploiting a Windows XP system, you will need need to run this module twice. DCERPC request fragmentation can be performed by setting 'FragSi
CVSS scores for CVE-2003-0533
| Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
|---|---|---|---|---|---|---|
|
7.5
|
HIGH | AV:N/AC:L/Au:N/C:P/I:P/A:P |
10.0
|
6.4
|
NIST |
References for CVE-2003-0533
-
http://www.eeye.com/html/Research/Advisories/AD20040413C.html
-
http://marc.info/?l=bugtraq&m=108325860431471&w=2
-
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A898
-
http://www.us-cert.gov/cas/techalerts/TA04-104A.html
Page Not Found | CISAThird Party Advisory;US Government Resource
-
http://www.securityfocus.com/bid/10108
Microsoft Windows LSASS Buffer Overrun Vulnerability
-
http://www.kb.cert.org/vuls/id/753212
Patch;Third Party Advisory;US Government Resource
-
http://www.ciac.org/ciac/bulletins/o-114.shtml
-
https://exchange.xforce.ibmcloud.com/vulnerabilities/15699
-
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2004/ms04-011
Microsoft Security Bulletin MS04-011 - Critical | Microsoft Learn
-
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A883
-
http://lists.grok.org.uk/pipermail/full-disclosure/2004-April/020069.html
-
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A919
Jump to