eEye Digital Security
  • Login to the eEye Business Client Portal
  • Shop for eEye Products
  • Read the eEye Blog
  • Subscribe to eEye RSS Feeds
  • Follow eEye on Twitter
  • Follow eEye of Facebook
Resources

New Windows RPC DCOM Vulnerability

Date:
9/10/2003 12:00:00 AM

Severity:
High

Affected Software:
Microsoft Windows NT Workstation 4.0
Microsoft Windows NT Server 4.0
Microsoft Windows NT Server 4.0, Terminal Server Edition
Microsoft Windows 2000
Microsoft Windows XP
Microsoft Windows Server 2003

Overview:
eEye Digital Security Advisory
http://www.eeye.com/html/Research/Advisories/AD20030910.html

Technical Analysis:

Detection:
eEye Releases Updated RPC DCOM Remediating Utility
This special version of eEye's free RPC DCOM Vulnerability Scanner dramatically enhances the initial version by adding the capability to disinfect systems throughout the network impacted by worms like Blaster (plus its variants), Nachi, Teekids, and Penis32.

The Class C version of the utility is free to all existing clients of eEye. Class A, Class B and Class C versions of the utility are available for purchase.

For additional information, please visit:
http://www.eeye.com/html/Research/Tools/RPCDCOM.html

Prevention:
Microsoft Patch
http://www.microsoft.com/technet/treeview/?url=/technet/security/bulletin/MS03-039.asp

Users should note that this vulnerability differs from the vulnerability publicized in Microsoft Bulletin MS03-026 found here:
http://www.microsoft.com/technet/security/bulletin/MS03-026.asp

Links:

Copyright ©1998-2010 eEye Digital Security
Permission is hereby granted for the redistribution of this alert electronically. It is not to be edited in any way without express consent of eEye. If you wish to reprint the whole or any part of this alert in any other medium excluding electronic medium, please email alert@eEye.com for permission.

Disclaimer
The information within this paper may change without notice. Use of this information constitutes acceptance for use in an AS IS condition. There are no warranties, implied or express, with regard to this information. In no event shall the author be liable for any direct or indirect damages whatsoever arising out of or in connection with the use or spread of this information. Any use of this information is at the user's own risk.

Next Steps

Free Trial
Test drive an eEye product
On-demand Demo
See an online product tour
One-on-one Demo
Schedule a personalized tour
Compare Products
See side-by-side features
Buy Now
Go to eEye product store
Contact | Site Map | Privacy | Website Feedback | 1.866.339.3732
© 1998 – 2011 eEye Digital Security. All rights reserved.