CVE - CVE-2003-0109

CVE-ID
CVE-2003-0109	Learn more at National Vulnerability Database (NVD) • CVSS Severity Rating • Fix Information • Vulnerable Software Versions • SCAP Mappings • CPE Information
Description
Buffer overflow in ntdll.dll on Microsoft Windows NT 4.0, Windows NT 4.0 Terminal Server Edition, Windows 2000, and Windows XP allows remote attackers to execute arbitrary code, as demonstrated via a WebDAV request to IIS 5.0.
References
Note: References are provided for the convenience of the reader to help distinguish between vulnerabilities. The list is not intended to be complete.
BID:7116 URL:http://www.securityfocus.com/bid/7116 BUGTRAQ:20030321 New attack vectors and a vulnerability dissection of MS03-007 URL:http://marc.info/?l=bugtraq&m=104826476427372&w=2 BUGTRAQ:20030325 IIS 5.0 WebDAV -Proof of concept-. Fully documented. URL:http://marc.info/?l=bugtraq&m=104861839130254&w=2 BUGTRAQ:20030326 WebDAV exploit: using wide character decoder scheme URL:http://marc.info/?l=bugtraq&m=104869293619064&w=2 BUGTRAQ:20030328 Fate Research Labs Presents: Analysis of the NTDLL.DLL Exploit URL:http://marc.info/?l=bugtraq&m=104887148323552&w=2 BUGTRAQ:20030708 WDAV exploit without netcat and with pretty magic number URL:http://marc.info/?l=bugtraq&m=105768156625699&w=2 CERT:CA-2003-09 URL:http://www.cert.org/advisories/CA-2003-09.html CERT-VN:VU#117394 URL:http://www.kb.cert.org/vuls/id/117394 CONFIRM:http://microsoft.com/downloads/details.aspx?FamilyId=C9A38D45-5145-4844-B62E-C69D32AC929B&displaylang=en ISS:20030317 Microsoft IIS WebDAV Remote Compromise Vulnerability URL:~~http://www.iss.net/issEn/delivery/xforce/alertdetail.jsp?oid=22029~~ (Obsolete source - check if archived by the Wayback Machine) MISC:http://www.nextgenss.com/papers/ms03-007-ntdll.pdf MS:MS03-007 URL:https://docs.microsoft.com/en-us/security-updates/securitybulletins/2003/ms03-007 MSKB:Q815021 URL:http://support.microsoft.com/default.aspx?scid=kb;[LN];Q815021 NTBUGTRAQ:20030321 New attack vectors and a vulnerability dissection of MS03-007 URL:http://marc.info/?l=ntbugtraq&m=104826785731151&w=2 OVAL:oval:org.mitre.oval:def:109 URL:https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A109 VULNWATCH:20030317 Microsoft IIS 5.0 WebDAV remote buffer overflow XF:http-webdav-long-request(11533) URL:~~http://www.iss.net/security_center/static/11533.php~~ (Obsolete source - check if archived by the Wayback Machine)
Assigning CNA
MITRE Corporation
Date Record Created
20030226	Disclaimer: The record creation date may reflect when the CVE ID was allocated or reserved, and does not necessarily indicate when this vulnerability was discovered, shared with the affected vendor, publicly disclosed, or updated in CVE.
Phase (Legacy)
Assigned (20030226)
Votes (Legacy)

Comments (Legacy)

Proposed (Legacy)
N/A
This is an record on the CVE List, which provides common identifiers for publicly known cybersecurity vulnerabilities.
Search CVE Using Keywords: You can also search by reference using the CVE Reference Maps.
For More Information: CVE Request Web Form (select "Other" from dropdown)