Vulnerability Report
Global CVE-2003-0818
- View:
- Activity
-
Activity (past 24 hours)
By Country
Key Country 
Attacks per subnet Percentage 
BE (Belgium)9.11 25.9%
HR (Croatia)6.90 19.6%
US (United States)6.10 17.3%
BZ (Belize)1.98 5.6%
KR (South Korea)1.07 3.0%
JP (Japan)0.93 2.6%
CA (Canada)0.87 2.5%
DE (Germany)0.77 2.2%
PL (Poland)0.71 2.0%
CN (China)0.66 1.9%Other 6.08 17.3%By ASN
Key ASN Attacks per subnet Percentage AS5432 (BELGACOM-SKYNET-AS) 9.11 25.9%AS35648 (T-MOBILE-HR-AS) 6.90 19.6%AS10269 (Belize) 1.98 5.6%AS19262 (VZGNI-TRANSIT) 1.57 4.5%AS209 (ASN-QWEST) 0.72 2.1%AS17877 (NEXG-AS-KR) 0.71 2.0%AS9299 (IPG-AS-AP) 0.60 1.7%AS3320 (DTAG) 0.54 1.5%AS577 (BACOM) 0.52 1.5%AS12322 (PROXAD) 0.48 1.4%Other 12.04 34.2%By Host
Key Host Attacks per subnet Percentage 87.252.152.205 6.90 19.6%190.197.36.52 (btl-new-ip-52.btl.net) 1.98 5.6%91.178.74.206 (206.74-178-91.adsl-dyn.isp.belgacom.be) 1.11 3.1%211.232.4.171 (211-232-4-171.nexg.net) 0.71 2.0%199.101.14.198 (ccc-14-198.chemeketa.edu) 0.70 2.0%141.158.29.172 (pool-141-158-29-172.phil.east.verizon.net) 0.54 1.5%71.176.15.131 (pool-71-176-15-131.nrflva.east.verizon.net) 0.48 1.4%200.76.148.47 (host-200-76-148-47.block.alestra.net.mx) 0.42 1.2%81.241.145.212 (212.145-241-81.adsl-dyn.isp.belgacom.be) 0.39 1.1%213.179.59.30 0.39 1.1%Other 21.56 61.3%By Country
Key Country Bytes per subnet Percentage US (United States)31.90 kB 20.7% DE (Germany)17.82 kB 11.6% BE (Belgium)15.66 kB 10.2%
FR (France)10.11 kB 6.6%
ZA (South Africa)7.62 kB 4.9% CN (China)5.45 kB 3.5%
TW (Taiwan)3.96 kB 2.6% KR (South Korea)3.94 kB 2.6% PL (Poland)3.88 kB 2.5%
FI (Finland)3.85 kB 2.5%Other 49.91 kB 32.4%By ASN
Key ASN Bytes per subnet Percentage AS5432 (BELGACOM-SKYNET-AS) 15.50 kB 10.1%AS3320 (DTAG) 15.08 kB 9.8%AS19262 (VZGNI-TRANSIT) 7.62 kB 4.9%AS3741 (IS) 7.05 kB 4.6%AS3462 (HINET) 3.68 kB 2.4%AS719 (ELISA-AS) 3.36 kB 2.2%AS4134 (CHINANET-BACKBONE) 3.26 kB 2.1%AS3269 (ASN-IBSNAZ) 2.79 kB 1.8%AS7132 (SBIS-AS) 2.44 kB 1.6%AS3352 (TELEFONICA-DATA-ESPANA) 2.28 kB 1.5%Other 91.04 kB 59.1%By Host
Key Host Bytes per subnet Percentage 141.158.29.172 (pool-141-158-29-172.phil.east.verizon.net) 4.74 kB 3.1%91.176.95.50 (50.95-176-91.adsl-dyn.isp.belgacom.be) 3.23 kB 2.1%62.193.229.149 (wpc1636.amenworld.com) 2.21 kB 1.4%190.197.36.52 (btl-new-ip-52.btl.net) 1.98 kB 1.3%167.206.231.2 (frpt231-2.optonline.net) 1.78 kB 1.2%213.234.240.94 1.70 kB 1.1%62.234.132.223 1.68 kB 1.1%83.36.61.187 1.59 kB 1.0%81.0.194.7 (81-0-192-7.eurosignal.cz) 1.56 kB 1.0%65.164.49.149 1.54 kB 1.0%Other 132.09 kB 85.7%
Background
- Severity:
- High
- CVSS Score:
- 7.0
Discovered: 2004-03-03
Published: 2004-03-03
Last modified: 2006-03-28
Description: Multiple integer overflows in Microsoft ASN.1 library (MSASN1.DLL), as used in LSASS.EXE, CRYPT32.DLL, and other Microsoft executables and libraries on Windows NT 4.0, 2000, and XP, allow remote attackers to execute arbitrary code via ASN.1 BER encodings with (1) very large length fields that cause arbitrary heap data to be overwritten, or (2) modified bit strings.
Impact: Availability, Confidentiality, Integrity, Security Protections
Where: From remote network
Status: Patch available
References
- CERT - TA04-041A
- BUGTRAQ - 20040210 EEYE: Microsoft ASN.1 Library Length Overflow Heap Corruption
- BUGTRAQ - 20040210 EEYE: Microsoft ASN.1 Library Bit String Heap Corruption
- NTBUGTRAQ - 20040210 EEYE: Microsoft ASN.1 Library Length Overflow Heap Corruption
- NTBUGTRAQ - 20040210 EEYE: Microsoft ASN.1 Library Bit String Heap Corruption
- OVAL - OVAL653
- OVAL - OVAL796
- OVAL - OVAL797
- OVAL - OVAL799
- OVAL - oval:org.mitre.oval:def:653
- OVAL - oval:org.mitre.oval:def:796
- OVAL - oval:org.mitre.oval:def:797
- OVAL - oval:org.mitre.oval:def:799
- CERT - Microsoft ASN.1 Library improperly decodes malformed ASN.1 length values Type: advisory
- CERT-VN - VU#583108
- Microsoft - ASN.1 Vulnerability Could Allow Code Execution (828028) Type: advisory, patch
- CERT - TA04-041A
Vendors: Microsoft
Affected Products
- Windows NT Terminal Server 4.0
- Windows NT Server 4.0
- Windows NT Workstation 4.0
- Windows NT Server 4.0 SP2
- Windows 2000 Professional
- Windows 2000 Server
- Windows 2000 Advanced Server
- Windows 2000 Advanced Server SP1
- Windows 2000 Professional SP1
- Windows 2000 Server SP1
- Windows 2000 Professional SP3
- Windows 2000 Professional SP2
- Windows XP Home SP1
- Windows XP Home
- Windows XP Professional SP1
- Windows XP Professional
- Windows NT Workstation 4.0 SP6a
- Windows NT Workstation 4.0 SP6
- Windows NT Workstation 4.0 SP5
- Windows NT Workstation 4.0 SP4
- Windows NT Workstation 4.0 SP3
- Windows NT Workstation 4.0 SP2
- Windows NT Workstation 4.0 SP1
- Windows NT Terminal Server 4.0 SP6
- Windows NT Terminal Server 4.0 SP5
- Windows NT Terminal Server 4.0 SP4
- Windows NT Terminal Server 4.0 SP3
- Windows NT Terminal Server 4.0 SP2
- Windows NT Terminal Server 4.0 SP1
- Windows NT Server 4.0 SP6a
- Windows NT Server 4.0 SP6
- Windows NT Server 4.0 SP5
- Windows NT Server 4.0 SP4
- Windows NT Server 4.0 SP3
- Windows NT Server 4.0 SP1
- Windows 2000 Server SP2
- Windows 2000 Advanced Server SP2
- Windows XP 64-bit
- Windows 2000 Advanced Server SP3
- Windows 2000 Server SP3
- Windows XP 64-bit SP1
- Windows Server 2003 Datacenter
- Windows Server 2003 Datacenter 64-bit
- Windows Server 2003 Enterprise
- Windows Server 2003 Enterprise 64-bit
- Windows Server 2003 Standard
- Windows Server 2003 Web
- Windows XP 64-bit Version 2003
- Windows XP 64-bit Version 2003 SP1
TCP/IP Services
- TCP/80
- TCP/445
- TCP/139
NVD Entry: CVE-2003-0818
-
430 Bedford Street Lexington, MA 02420
T 781.684.0900 | 866.212.7267 F 781.768.3299
Copyright © 2006-2008 Arbor Networks, Inc., All rights reserved.
About ATLAS | Terms of Use | Legal Notice | Privacy Policy