CVE-2003-0533

Published: Jun 1, 2004Modified: Apr 16, 2026

7.5

Vector

AV:N/AC:L/Au:N/C:P/I:P/A:P

Exploitability: 10.0 / Impact: 6.4

Source: NVD

Description

Stack-based buffer overflow in certain Active Directory service functions in LSASRV.DLL of the Local Security Authority Subsystem Service (LSASS) in Microsoft Windows NT 4.0 SP6a, 2000 SP2 through SP4, XP SP1, Server 2003, NetMeeting, Windows 98, and Windows ME, allows remote attackers to execute arbitrary code via a packet that causes the DsRolerUpgradeDownlevelServer function to create long debug entries for the DCPROMO.LOG log file, as exploited by the Sasser worm.

Affected (8)

Products: Microsoft: Netmeeting, Windows 2000, Windows 2003 Server, Windows 98, Windows Me, Windows Nt, Windows Xp

7 products

Windows 2003 Server

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Microsoft Netmeeting	All versions

Configuration B

7 vulnerable

Vulnerable Software	Affected Versions
Microsoft Windows 2000	All versions
Microsoft Windows 2000	All versions
Microsoft Windows 2003 Server	Version r2
Microsoft Windows 98	All versions
Microsoft Windows Me	All versions
Microsoft Windows Nt	Version 4.0 sp6a
Microsoft Windows Xp	All versions

References (24)

http://lists.grok.org.uk/pipermail/full-disclosure/2004-April/020069.html

Source: cve@mitre.org

http://marc.info/?l=bugtraq&m=108325860431471&w=2

Source: cve@mitre.org

http://www.ciac.org/ciac/bulletins/o-114.shtml

Source: cve@mitre.org

http://www.eeye.com/html/Research/Advisories/AD20040413C.html

Source: cve@mitre.org

http://www.kb.cert.org/vuls/id/753212

Source: cve@mitre.org

PatchThird Party AdvisoryUS Government Resource

http://www.securityfocus.com/bid/10108

Source: cve@mitre.org

http://www.us-cert.gov/cas/techalerts/TA04-104A.html

Source: cve@mitre.org

Third Party AdvisoryUS Government Resource

https://docs.microsoft.com/en-us/security-updates/securitybulletins/2004/ms04-011

Source: cve@mitre.org

https://exchange.xforce.ibmcloud.com/vulnerabilities/15699

Source: cve@mitre.org

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A883

Source: cve@mitre.org

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A898

Source: cve@mitre.org

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A919

Source: cve@mitre.org

http://lists.grok.org.uk/pipermail/full-disclosure/2004-April/020069.html

Source: af854a3a-2127-422b-91ae-364da2661108

http://marc.info/?l=bugtraq&m=108325860431471&w=2

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.ciac.org/ciac/bulletins/o-114.shtml

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.eeye.com/html/Research/Advisories/AD20040413C.html

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.kb.cert.org/vuls/id/753212

Source: af854a3a-2127-422b-91ae-364da2661108

PatchThird Party AdvisoryUS Government Resource

http://www.securityfocus.com/bid/10108

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.us-cert.gov/cas/techalerts/TA04-104A.html

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party AdvisoryUS Government Resource

https://docs.microsoft.com/en-us/security-updates/securitybulletins/2004/ms04-011

Source: af854a3a-2127-422b-91ae-364da2661108

https://exchange.xforce.ibmcloud.com/vulnerabilities/15699

Source: af854a3a-2127-422b-91ae-364da2661108

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A883

Source: af854a3a-2127-422b-91ae-364da2661108

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A898

Source: af854a3a-2127-422b-91ae-364da2661108

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A919

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.