Large collection of Windows exploits on GitHub

Microsoft patches numerous vulnerabilities in Windows (and other products) every month. Often, vulnerabilities that are known but have not been closed by updates are used in attacks. The other day I came across a large collection of Windows vulnerabilities that can be exploited by various tools to manipulate privileges if necessary.



I came across this issue via the following tweet by Nicolas Krassas. A user, lyshark, collects these vulnerabilities (Windows exploits) on this GitHub website.

Collection of Windows vulnerabilities

These are vulnerabilities that have a CVE number and have long been known and patched by Microsoft. I took a look at the downloadable ZIP archive files. They are readme text files that contain the respective details about the vulnerable Windows versions. Some of the vulnerabilities refer to ancient Windows versions that have long since fallen out of support.

The purpose is not yet clear to me, for example when I look at the details of CVE-2003-0352.

### CVE-2003-0352

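#### Description

A buffer overflow in a certain DCOM interface for RPC allows remote attackers to execute arbitrary code via a malformed message.

#### Affected versions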

| Product | CPU Architecture | Version | Update | Tested |
| ------------------- | ---------------- | ------- | ------ | ------------------ |
| Windows 2000 | | | | |
| Windows 2000 | | | SP1 | |
| Windows 2000 | | | SP2 | |
| Windows 2000 | | | SP3 | |
| Windows 2000 | | | SP4 | ✔ |
| Windows Server 2003 | | R2 | | |
| Windows Nt | | | SP1 | |
| Windows Nt | | 4.0 | SP2 | |
| Windows Nt | | 4.0 | SP3 | |
| Windows Nt | | 4.0 | SP4 | |
| Windows Nt | | 4.0 | SP5 | |
| Windows Nt | | 4.0 | Sp6a | |
| Windows Nt | | 4.0 | SP6 | |
| Windows Xp | | | SP1 | |
| Windows Xp | | | Gold | |

#### Exploitation method

Test system: Windows 2000 SP4 x86

```
use exploit/windows/dcerpc/ms03_026_dcom
set RHOST 192.168.1.17
run
```

![image-20200823200752021](https://raw.github.com/Ascotbe/Image/master/Kernelhub/CVE-2003-0352_win2000_x86_msf.png)

View system information

![CVE-2003-0352_win2000_x86_msf2](https://raw.github.com/Ascotbe/Image/master/Kernelhub/CVE-2003-0352_win2000_x86_msf2.png)

What do people (probably from the Chinese area) want with these old CVEs?

