Vulnerability Note VU#753212

Microsoft LSA Service contains buffer overflow in DsRolepInitializeLog() function

Original Release date: 13 Apr 2004 | Last revised: 13 Apr 2004


The Windows Local Security Authority Service Server (LSASS) contains a vulnerability that may permit an attacker to completely compromise the system.


A buffer overflow vulnerability exists in a Microsoft Active Directory service logging function that is exposed by the LSASS DCE/RPC interface. The vulnerability occurs due to the misuse of a vsprintf() call. For a full technical description, please see eEye Digital Security's Advisiory. This vulnerability affects the following systems:

  • Windows 2000
  • Windows XP
  • Windows Server 2003 - Microsoft notes that while the vulnerability exists in Window Server 2003, it could only be expoited by a local administrator.


A remote unauthenticated attacker could exploit this vulnerability to execute arbitrary code on the vulnerable system.


Apply a patch from the vendor

Microsoft Security Bulletin MS04-011 contains patch information to resolve this issue.

Systems Affected (Learn More)

VendorStatusDate NotifiedDate Updated
Microsoft CorporationAffected-13 Apr 2004
If you are a vendor and your product is affected, let us know.

CVSS Metrics (Learn More)

Group Score Vector
Base N/A N/A
Temporal N/A N/A
Environmental N/A N/A



The Microsoft Security Bulletin credits eEye Digital Security for reporting this vulnerability.

This document was written by Jason A Rafail.

Other Information

  • CVE IDs: CAN-2003-0533
  • Date Public: 13 Apr 2004
  • Date First Published: 13 Apr 2004
  • Date Last Updated: 13 Apr 2004
  • Severity Metric: 35.44
  • Document Revision: 7


If you have feedback, comments, or additional information about this vulnerability, please send us email.