oval:org.mitre.oval:def:296

Definition Id: oval:org.mitre.oval:def:296

Oval ID:	oval:org.mitre.oval:def:296
Title:	Windows 2000 RPCSS DCOM Buffer Overflow (Blaster, Test 2)
Description:	Buffer overflow in a certain DCOM interface for RPC in Microsoft Windows NT 4.0, 2000, XP, and Server 2003 allows remote attackers to execute arbitrary code via a malformed message, as exploited by the Blaster/MSblast/LovSAN and Nachi/Welchia worms.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2003-0352	Version:	6
Platform(s):	Microsoft Windows 2000	Product(s):	Remote Procedure Call (RPC)
Definition Synopsis:
Software section Windows 2000 is installed AND File %windir%\system32\rpcrt4.dll version is less than 5.0.2195.6753 AND NOT Patch Windows2000-KB823980-x86-ENU.exe Installed AND Configuration section DCOM is enabled on systems with SP3 or later Win2K/XP/2003 service pack 3 (or later) is installed AND DCOM is enabled