Free and open-source vulnerability scanner
Mageni eases for you the vulnerability scanning, assessment, and management process. It is free and open-source.
Install NowAvailable for macOS, Windows, and Linux
CVE-2004-1080
CVE information
Published
Last Modified
CVSSv2.0 Severity
Impact Analysis
Description
The WINS service (wins.exe) on Microsoft Windows NT Server 4.0, Windows 2000 Server, and Windows Server 2003 allows remote attackers to write to arbitrary memory locations and possibly execute arbitrary code via a modified memory pointer in a WINS replication packet to TCP port 42, aka the "Association Context Vulnerability.".
CVSSv2.0 Score
- Severity
- High
- Base Score
- 10/10
- Exploit Score
- 10/10
- Access Vector
- Network
- Access Complexity
- Low
- Authentication Required
- None
- Impact Score
- 10/10
- Confidentiality Impact
- Complete
- Availability Impact
- Complete
- Integrity Impact
- Complete
Products Affected
CPE | Affected | Vulnerable | Excluding | Edit |
---|---|---|---|---|
cpe:2.3:o:microsoft:windows_nt:4.0:sp3:enterprise_server:*:* |
Yes
|
- | - | |
cpe:2.3:o:microsoft:windows_2003_server:web:*:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:o:microsoft:windows_2003_server:enterprise:*:64-bit: |
Yes
|
- | - | |
cpe:2.3:o:microsoft:windows_2003_server:2003:*:small_busines |
Yes
|
- | - | |
cpe:2.3:o:microsoft:windows_2003_server:enterprise_64-bit:*: |
Yes
|
- | - | |
cpe:2.3:o:microsoft:windows_2000:*:*:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:o:microsoft:windows_nt:4.0:sp6:terminal_server:*:*:* |
Yes
|
- | - | |
cpe:2.3:o:microsoft:windows_nt:4.0:*:server:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:o:microsoft:windows_nt:4.0:sp1:server:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:o:microsoft:windows_nt:4.0:sp3:server:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:o:microsoft:windows_2000:*:sp4:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:o:microsoft:windows_nt:4.0:sp6:server:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:o:microsoft:windows_nt:4.0:sp4:server:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:o:microsoft:windows_2003_server:2000:*:small_busines |
Yes
|
- | - | |
cpe:2.3:o:microsoft:windows_nt:4.0:sp5:enterprise_server:*:* |
Yes
|
- | - | |
cpe:2.3:o:microsoft:windows_2000:*:sp2:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:o:microsoft:windows_nt:4.0:sp6:enterprise_server:*:* |
Yes
|
- | - | |
cpe:2.3:o:microsoft:windows_nt:4.0:*:enterprise_server:*:*:* |
Yes
|
- | - | |
cpe:2.3:o:microsoft:windows_nt:4.0:sp4:terminal_server:*:*:* |
Yes
|
- | - | |
cpe:2.3:o:microsoft:windows_2003_server:r2:*:datacenter_64-b |
Yes
|
- | - | |
cpe:2.3:o:microsoft:windows_nt:4.0:sp6a:server:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:o:microsoft:windows_nt:4.0:*:terminal_server:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:o:microsoft:windows_nt:4.0:sp6a:terminal_server:*:*: |
Yes
|
- | - | |
cpe:2.3:o:microsoft:windows_nt:4.0:sp4:enterprise_server:*:* |
Yes
|
- | - | |
cpe:2.3:o:microsoft:windows_nt:4.0:sp2:server:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:o:microsoft:windows_nt:4.0:sp1:terminal_server:*:*:* |
Yes
|
- | - | |
cpe:2.3:o:microsoft:windows_2000:*:sp1:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:o:microsoft:windows_nt:4.0:sp1:enterprise_server:*:* |
Yes
|
- | - | |
cpe:2.3:o:microsoft:windows_nt:4.0:sp2:terminal_server:*:*:* |
Yes
|
- | - | |
cpe:2.3:o:microsoft:windows_nt:4.0:sp5:terminal_server:*:*:* |
Yes
|
- | - | |
cpe:2.3:o:microsoft:windows_2003_server:standard:*:64-bit:*: |
Yes
|
- | - | |
cpe:2.3:o:microsoft:windows_nt:4.0:sp6a:enterprise_server:*: |
Yes
|
- | - | |
cpe:2.3:o:microsoft:windows_nt:4.0:sp3:terminal_server:*:*:* |
Yes
|
- | - | |
cpe:2.3:o:microsoft:windows_2003_server:r2:*:64-bit:*:*:*:*: |
Yes
|
- | - | |
cpe:2.3:o:microsoft:windows_nt:4.0:sp5:server:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:o:microsoft:windows_nt:4.0:sp2:enterprise_server:*:* |
Yes
|
- | - | |
cpe:2.3:o:microsoft:windows_2000:*:sp3:*:*:*:*:*:* |
Yes
|
- | - |
References
- http://www.securityfocus.com/bid/11763
- http://www.kb.cert.org/vuls/id/145134
- http://www.immunitysec.com/downloads/instantanea.pdf
- http://xforce.iss.net/xforce/alerts/id/184
- http://support.microsoft.com/kb/890710
- http://www.ciac.org/ciac/bulletins/p-054.shtml
- http://secunia.com/advisories/13328/
- http://www.osvdb.org/12378
- http://securitytracker.com/id?1012516
- http://marc.info/?l=bugtraq&m=110150370506704&w=2
- https://exchange.xforce.ibmcloud.com/vulnerabilities/18259
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A3
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1
- https://docs.microsoft.com/en-us/security-updates/securitybulletins/2004/ms04-045