MSRPC LSASS Buffer Overflow exploit v1.9

Vulnerability exploited: CAN-2003-0533 - BID-10108

Category: Exploits/Remote

This module exploits a buffer overflow and installs a level0 agent on the target host.
The vulnerability is a stack-based buffer overflow in certain Active Directory service functions in LSASRV.DLL of the Local Security Authority Subsystem Service (LSASS) in Microsoft Windows. It allows remote attackers to execute arbitrary code via a packet that causes the DsRolerUpgradeDownlevelServer function to create long debug entries for the DCPROMO.LOG log file, as exploited by the Sasser worm. The service is accessible via TCP ports 139 and 445.

Supported Systems:
    Windows 2000 Server - sp0 (i386)
    Windows 2000 Server - sp1 (i386)
    Windows 2000 Server - sp2 (i386)
    Windows 2000 Server - sp3 (i386)
    Windows 2000 Server - sp4 (i386)
    Windows 2000 Advanced Server - sp0 (i386)
    Windows 2000 Advanced Server - sp1 (i386)
    Windows 2000 Advanced Server - sp2 (i386)
    Windows 2000 Advanced Server - sp3 (i386)
    Windows 2000 Advanced Server - sp4 (i386)
    Windows 2000 Professional - sp0 (i386)
    Windows 2000 Professional - sp1 (i386)
    Windows 2000 Professional - sp2 (i386)
    Windows 2000 Professional - sp3 (i386)
    Windows 2000 Professional - sp4 (i386)
    Windows XP Professional - sp0 (i386)
    Windows XP Professional - sp1 (i386)
    Windows XP Home Edition - sp0 (i386)
    Windows XP Home Edition - sp1 (i386)


This module is included in the latest version of CORE IMPACT, the first automated comprehensive penetration testing product for accurately identifying information security risks.