CVE-2003-0533

N/A Unknown

Published: June 01, 2004 Modified: April 16, 2026

Description

Stack-based buffer overflow in certain Active Directory service functions in LSASRV.DLL of the Local Security Authority Subsystem Service (LSASS) in Microsoft Windows NT 4.0 SP6a, 2000 SP2 through SP4, XP SP1, Server 2003, NetMeeting, Windows 98, and Windows ME, allows remote attackers to execute arbitrary code via a packet that causes the DsRolerUpgradeDownlevelServer function to create long debug entries for the DCPROMO.LOG log file, as exploited by the Sasser worm.

AI Explanation

Get an AI-powered plain-language explanation of this vulnerability and remediation steps.

Login to generate AI explanation

References to Advisories, Solutions, and Tools

Patch Vendor Advisory Exploit Third Party Advisory

http://lists.grok.org.uk/pipermail/full-disclosure/2004-April/020069.html

Source: cve@mitre.org

http://marc.info/?l=bugtraq&m=108325860431471&w=2

Source: cve@mitre.org

http://www.ciac.org/ciac/bulletins/o-114.shtml

Source: cve@mitre.org

http://www.eeye.com/html/Research/Advisories/AD20040413C.html

Source: cve@mitre.org

http://www.kb.cert.org/vuls/id/753212

Source: cve@mitre.org

Patch Third Party Advisory US Government Resource

http://www.securityfocus.com/bid/10108

Source: cve@mitre.org

http://www.us-cert.gov/cas/techalerts/TA04-104A.html

Source: cve@mitre.org

Third Party Advisory US Government Resource

https://docs.microsoft.com/en-us/security-updates/securitybulletins/2004/ms04-011

Source: cve@mitre.org

https://exchange.xforce.ibmcloud.com/vulnerabilities/15699

Source: cve@mitre.org

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A883

Source: cve@mitre.org

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A898

Source: cve@mitre.org

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A919

Source: cve@mitre.org

http://lists.grok.org.uk/pipermail/full-disclosure/2004-April/020069.html

Source: af854a3a-2127-422b-91ae-364da2661108

http://marc.info/?l=bugtraq&m=108325860431471&w=2

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.ciac.org/ciac/bulletins/o-114.shtml

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.eeye.com/html/Research/Advisories/AD20040413C.html

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.kb.cert.org/vuls/id/753212

Source: af854a3a-2127-422b-91ae-364da2661108

Patch Third Party Advisory US Government Resource

http://www.securityfocus.com/bid/10108

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.us-cert.gov/cas/techalerts/TA04-104A.html

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party Advisory US Government Resource

https://docs.microsoft.com/en-us/security-updates/securitybulletins/2004/ms04-011

Source: af854a3a-2127-422b-91ae-364da2661108

https://exchange.xforce.ibmcloud.com/vulnerabilities/15699

Source: af854a3a-2127-422b-91ae-364da2661108

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A883

Source: af854a3a-2127-422b-91ae-364da2661108

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A898

Source: af854a3a-2127-422b-91ae-364da2661108

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A919

Source: af854a3a-2127-422b-91ae-364da2661108

24 reference(s) from NVD

Quick Stats

CVSS v3 Score

N/A / 10.0

EPSS (Exploit Probability)

89.0%

100th percentile

Exploitation Status

Not in CISA KEV

Affected Vendors

microsoft