oval:org.mitre.oval:def:494

Definition Id: oval:org.mitre.oval:def:494

Oval ID:	oval:org.mitre.oval:def:494
Title:	MS Windows RPC DCOM DoS-based Privilege Escalation Vulnerability
Description:	The RPC DCOM interface in Windows 2000 SP3 and SP4 allows remote attackers to cause a denial of service (crash), and local attackers to use the DoS to hijack the epmapper pipe to gain privileges, via certain messages to the __RemoteGetClassObject interface that cause a NULL pointer to be passed to the PerformScmStage function.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2003-0605	Version:	6
Platform(s):	Microsoft Windows 2000	Product(s):	Remote Procedure Call (RPC)
Definition Synopsis:
Software section Windows 2000 is installed AND the version of rpcrt4.dll is less than 5.0.2195.6802 AND NOT the patch kb824146 is installed (Hotfix key) AND Configuration section DCOM is enabled on systems with SP3 or later Win2K/XP/2003 service pack 3 (or later) is installed AND DCOM is enabled