OSEC

Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com
 
Alert: Microsoft Security Bulletin MS04-012 - Cumulative Update for Microsoft RPC/DCOM (828741)

From: Russ (Russ.CooperRC.ON.CA)
Date: Wed Apr 14 2004 - 07:08:00 CDT

Microsoft Security Bulletin MS04-012:
Cumulative Update for Microsoft RPC/DCOM (828741)

Bulletin URL:
<http://www.microsoft.com/technet/security/bulletin/MS04-012.mspx>

Summary:
  Version Number: 1.0
  Revision Date: April 13, 2004
  Impact of Vulnerability: Remote Code Execution
  Maximum Severity Rating: Critical
  Patch(es) Replaced: This bulletin replaces several prior security
updates. See the frequently asked questions (FAQ) section of this
bulletin for the complete list.
  Caveats: None

Revisions:
  * v1.0 - Tuesday, April 13, 2004: Bulletin published

Tested Software:
  Affected Software:
  * Microsoft Windows NT. Workstation 4.0 Service Pack 6a
<http://www.ntbugtraq.com/link/MS04-012-00.asp>
  * Microsoft Windows NT Server 4.0 Service Pack 6a
<http://www.ntbugtraq.com/link/d4f2ad32-fe74-4da1-aeae-80897ac86720.asp>
  * Microsoft Windows NT Server 4.0 Terminal Server Edition Service Pack
6
<http://www.ntbugtraq.com/link/5b29e35d-e5da-4486-b7eb-d54c7398142c.asp>
  * Microsoft Windows 2000 Service Pack 2, Microsoft Windows 2000
Service Pack 3, and Microsoft Windows 2000 Service Pack 4
<http://www.ntbugtraq.com/link/fbd38c36-d1d3-47a2-a5d5-6c8f27fdcc40.asp>
  * Microsoft Windows XP and Microsoft Windows XP Service Pack 1
<http://www.ntbugtraq.com/link/d488bbbb-da77-448d-8ff0-0a649a0d8fc3.asp>
  * Microsoft Windows XP 64-Bit Edition Service Pack 1
<http://www.ntbugtraq.com/link/4c3ed21d-ff40-4c9d-99dd-1632e43c1645.asp>
  * Microsoft Windows XP 64-Bit Edition Version 2003
<http://www.ntbugtraq.com/link/75a08528-5e99-4be0-8e97-f1c9789611eb.asp>
  * Microsoft Windows Server 2003
<http://www.ntbugtraq.com/link/07317ce9-520d-4574-b575-5fb85da9a4d7.asp>
  * Microsoft Windows Server 2003 64-Bit Edition
<http://www.ntbugtraq.com/link/75a08528-5e99-4be0-8e97-f1c9789611eb.asp>
  * Microsoft Windows 98, Microsoft Windows 98 Second Edition (SE) and
Microsoft Windows Millennium Edition (ME) Review the FAQ section of this
bulletin for details about these operating systems

Technical Description:
Executive Summary:
This update resolves several newly-discovered vulnerabilities in
RPC/DCOM. Each vulnerability is documented in this bulletin in its own
section.

An attacker who successfully exploited the most severe of these
vulnerabilities could take complete control of the affected system. An
attacker could then take any action on the affected system, including
installing programs; viewing, changing, or deleting data; or creating
new accounts that have full privileges.

RPC Runtime Library Vulnerability - CAN-2003-0813
RPCSS Service Vulnerability - CAN-2004-0116
COM Internet Services (CIS) - RPC over HTTP Vulnerability -
CAN-2003-0807
Object Identity Vulnerability - CAN-2004-0124

This email is sent to NTBugtraq automagically as a service to my
subscribers. (v4.00.1564.10850)

Cheers,
Russ - Surgeon General of TruSecure Corporation/NTBugtraq Editor

-----
Earn up to 10 credit course hours toward the TruSecure ICSA Practitioner (TICSA) Credential and receive a TICSA exam coupon by attending the Infosecurity Canada 2004 conference. Featured speaker, Marcus J. Ranum, TruSecure inventor of the proxy firewall will present on June 3 at 11:30 AM. Visit <https://ticsa.trusecure.com> for certification details and <http://www.infosecuritycanada.com> for conference information. Become TICSA certified and see what happens!
-----