MSRPC DCOM Heap Corruption Exploit v1.13
Vulnerability exploited: CAN-2003-0715 - BID-8458
Category: Exploits/Remote
This module exploits a buffer overflow and installs a level0 agent into the target host.

This module exploits a heap memory corruption vulnerability in the part of the RPCSS Service that deals with RPC messages for DCOM activation.

The vulnerability is triggered by sending a "bind" packet followed by a malformed DCERPC DCOM packet. Manipulating the length fields within the packet allows portions of the heap memory to be overwritten with user-defined data.

Sending the packets between 4 and 5 times triggers the overwrite of an arbitrary address with an arbitrary value.
Supported Systems:
Windows 2000 Advanced Server - sp3 (i386)
Windows 2000 Advanced Server - sp4 (i386)
Windows 2000 Server - sp3 (i386)
Windows 2000 Server - sp4 (i386)
Windows 2000 Professional - sp3 (i386)
Windows 2000 Professional - sp4 (i386)
This module is included in the latest version of CORE IMPACT, the first automated comprehensive penetration testing product for accurately identifying information security risks.