CERTA-2003-AVI-157
Vulnerability from certfr_avis

Il est possible de provoquer l'arrêt inopiné du démon DCE dced.

Description

DCE (Distributed Computing Environment) est un ensemble de services et d'outils qui permettent la création et le déploiement d'applications distribuées.

Une vulnérabilité de DCE permet à un utilisateur mal intentionné d'arrêter inopinément le service DCE.

Il est possible que les scans sur le service RPC de Microsoft provoquent l'arrêt du service.

Solution

Appliquer le correctif de votre éditeur.

DCE version 1.2.2c.

Les versions antérieures de DCE sont potentiellement vulnérables, mais ne sont plus maintenues.

Impacted products
Vendor Product Description
References

Show details on source website

To clipboard 

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [],
  "affected_systems_content": "\u003cP\u003eDCE version 1.2.2c.\u003c/P\u003e  \u003cP\u003eLes versions ant\u00e9rieures de DCE sont potentiellement  vuln\u00e9rables, mais ne sont plus maintenues.\u003c/P\u003e",
  "content": "## Description\n\nDCE (Distributed Computing Environment) est un ensemble de services et\nd\u0027outils qui permettent la cr\u00e9ation et le d\u00e9ploiement d\u0027applications\ndistribu\u00e9es.  \n\nUne vuln\u00e9rabilit\u00e9 de DCE permet \u00e0 un utilisateur mal intentionn\u00e9\nd\u0027arr\u00eater inopin\u00e9ment le service DCE.  \n\nIl est possible que les scans sur le service RPC de Microsoft provoquent\nl\u0027arr\u00eat du service.\n\n## Solution\n\nAppliquer le correctif de votre \u00e9diteur.\n",
  "cves": [],
  "initial_release_date": "2003-10-03T00:00:00",
  "last_revision_date": "2003-10-03T00:00:00",
  "links": [
    {
      "title": "Avis de s\u00e9curit\u00e9 20030902-01-P de SGI :",
      "url": "http://www.sgi.com/support/security/advisories.html"
    }
  ],
  "reference": "CERTA-2003-AVI-157",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2003-10-03T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service"
    }
  ],
  "summary": "Il est possible de provoquer l\u0027arr\u00eat inopin\u00e9 du d\u00e9mon DCE \u003cspan\nclass=\"textit\"\u003edced\u003c/span\u003e.\n",
  "title": "Vuln\u00e9rabilit\u00e9 de DCE",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Avis de s\u00e9curit\u00e9 SGI 20030902-01-P",
      "url": null
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.