Microsoft Windows DCOM RPC Interface Buffer Overrun Vulnerability

CORE has developed a working commercial exploit for their IMPACT product. This exploit is not otherwise publicly available or known to be circulating in the wild.

August 02, 2003:

There is currently at least one autorooter-enabled IRC bot circulating which exploits this vulnerability. At this time, the IRC bot does not appear to be automated into a worm.

August 11, 2003:

An additional exploit (kaht2.zip) has been released.

November 7, 2003:

A new exploit designed to bypass various Windows memory protection schemes is available. The exploit works by using a 'ret-into-libc' chaining procedure, which copies a payload into a newly allocated page that has been modified, using undocumented API functions, to be executable. This exploit, rpc!exec.c, is available below.

An exploit has been released as part of the Metasploit Framework 2.0.

The following exploits are available:


Copyright 2010, SecurityFocus