oval:org.mitre.oval:def:1118

Definition Id: oval:org.mitre.oval:def:1118

Oval ID:	oval:org.mitre.oval:def:1118
Title:	MS Windows RPC DCOM DoS-based Privilege Escalation Vulnerability (Test 2)
Description:	The RPC DCOM interface in Windows 2000 SP3 and SP4 allows remote attackers to cause a denial of service (crash), and local attackers to use the DoS to hijack the epmapper pipe to gain privileges, via certain messages to the __RemoteGetClassObject interface that cause a NULL pointer to be passed to the PerformScmStage function.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2003-0605	Version:	7
Platform(s):	Microsoft Windows 2000	Product(s):	Remote Procedure Call (RPC)
Definition Synopsis:
Windows 2000 (sp4 or earlier) is installed Windows 2000 is installed AND NOT Win2K/XP/2003 service pack 5 (or later) is installed AND the version of rpcrt4.dll is less than 5.0.2195.6802 AND NOT the patch kb824146 is installed (Hotfix key)