SecPod SCAP Repo, a repository of SCAP Content (CVE, CCE, CPE, CWE, OVAL and XCCDF)

[Forgot Password]

Paid content will be excluded from the download.

Download | Alert*

CVE

CVE-2004-1080

Date: (C)2005-01-10 (M)2023-12-22

The WINS service (wins.exe) on Microsoft Windows NT Server 4.0, Windows 2000 Server, and Windows Server 2003 allows remote attackers to write to arbitrary memory locations and possibly execute arbitrary code via a modified memory pointer in a WINS replication packet to TCP port 42, aka the "Association Context Vulnerability."

CVSS Score and Metrics +CVSS Score and Metrics -

CVSS V2 Severity:
CVSS Score : 10.0
Exploit Score: 10.0
Impact Score: 10.0

CVSS V2 Metrics:
Access Vector: NETWORK
Access Complexity: LOW
Authentication: NONE
Confidentiality: COMPLETE
Integrity: COMPLETE
Availability: COMPLETE

Reference:

SECTRACK-1012516

http://marc.info/?l=bugtraq&m=110150370506704&w=2

http://xforce.iss.net/xforce/alerts/id/184

http://www.immunitysec.com/downloads/instantanea.pdf

oval:org.mitre.oval:def:1549

oval:org.mitre.oval:def:2541

oval:org.mitre.oval:def:2734

oval:org.mitre.oval:def:3677

oval:org.mitre.oval:def:4372

oval:org.mitre.oval:def:4831

wins-memory-pointer-hijack(18259)

cpe:/o:microsoft:windows_nt:4.0:sp6:server
cpe:/o:microsoft:windows_nt:4.0:sp4:server
cpe:/o:microsoft:windows_nt:4.0:sp2:terminal_server
cpe:/o:microsoft:windows_nt:4.0:sp5:server
...

oval:org.mitre.oval:def:2541
oval:org.mitre.oval:def:3677
oval:org.mitre.oval:def:1549
oval:org.mitre.oval:def:4372
...

© SecPod Technologies