CVE-2004-1080

Current Description

The WINS service (wins.exe) on Microsoft Windows NT Server 4.0, Windows 2000 Server, and Windows Server 2003 allows remote attackers to write to arbitrary memory locations and possibly execute arbitrary code via a modified memory pointer in a WINS replication packet to TCP port 42, aka the "Association Context Vulnerability."

Basic Data

PublishedJanuary 10, 2005
Last ModifiedApril 30, 2019
Assignercve@mitre.org
Data TypeCVE
Data FormatMITRE
Data Version4.0
Problem TypeNVD-CWE-Other
CVE Data Version4.0

Base Metric V2

CVSS 2 - Version2.0
CVSS 2 - Vector StringAV:N/AC:L/Au:N/C:C/I:C/A:C
CVSS 2 - Access VectorNETWORK
CVSS 2 - Access ComplexityLOW
CVSS 2 - AuthenticationNONE
CVSS 2 - Confidentiality ImpactCOMPLETE
CVSS 2 - Availability ImpactCOMPLETE
CVSS 2 - Base Score10.0
SeverityHIGH
Exploitability Score10.0
Impact Score10.0
Obtain All Privilegetrue
Obtain User Privilegefalse
Obtain Other Privilegefalse

Base Metric V3

No data provided.

Configurations

  • OR - Configuration 1
    Cpe VersionPartVendorProductVersionUpdateEditionLanguageSW EditionTarget SWTarget HWOtherVersion Start IncludingVersion End IncludingVersion Start ExcludingVersion End Excluding
    2.3OSMicrosoftWindows 2000********
    2.3OSMicrosoftWindows 2000*sp1******
    2.3OSMicrosoftWindows 2000*sp2******
    2.3OSMicrosoftWindows 2000*sp3******
    2.3OSMicrosoftWindows 2000*sp4******
    2.3OSMicrosoftWindows 2003 Server2000*small_business_server*****
    2.3OSMicrosoftWindows 2003 Server2003*small_business_server*****
    2.3OSMicrosoftWindows 2003 Serverenterprise*64-bit*****
    2.3OSMicrosoftWindows 2003 Serverenterprise_64-bit*******
    2.3OSMicrosoftWindows 2003 Serverr2*64-bit*****
    2.3OSMicrosoftWindows 2003 Serverr2*datacenter_64-bit*****
    2.3OSMicrosoftWindows 2003 Serverstandard*64-bit*****
    2.3OSMicrosoftWindows 2003 Serverweb*******
    2.3OSMicrosoftWindows Nt4.0*enterprise_server*****
    2.3OSMicrosoftWindows Nt4.0*server*****
    2.3OSMicrosoftWindows Nt4.0*terminal_server*****
    2.3OSMicrosoftWindows Nt4.0sp1enterprise_server*****
    2.3OSMicrosoftWindows Nt4.0sp1server*****
    2.3OSMicrosoftWindows Nt4.0sp1terminal_server*****
    2.3OSMicrosoftWindows Nt4.0sp2enterprise_server*****
    2.3OSMicrosoftWindows Nt4.0sp2server*****
    2.3OSMicrosoftWindows Nt4.0sp2terminal_server*****
    2.3OSMicrosoftWindows Nt4.0sp3enterprise_server*****
    2.3OSMicrosoftWindows Nt4.0sp3server*****
    2.3OSMicrosoftWindows Nt4.0sp3terminal_server*****
    2.3OSMicrosoftWindows Nt4.0sp4enterprise_server*****
    2.3OSMicrosoftWindows Nt4.0sp4server*****
    2.3OSMicrosoftWindows Nt4.0sp4terminal_server*****
    2.3OSMicrosoftWindows Nt4.0sp5enterprise_server*****
    2.3OSMicrosoftWindows Nt4.0sp5server*****
    2.3OSMicrosoftWindows Nt4.0sp5terminal_server*****
    2.3OSMicrosoftWindows Nt4.0sp6enterprise_server*****
    2.3OSMicrosoftWindows Nt4.0sp6server*****
    2.3OSMicrosoftWindows Nt4.0sp6terminal_server*****
    2.3OSMicrosoftWindows Nt4.0sp6aenterprise_server*****
    2.3OSMicrosoftWindows Nt4.0sp6aserver*****
    2.3OSMicrosoftWindows Nt4.0sp6aterminal_server*****

Vulnerable Software List

VendorProductVersions
Microsoft Windows 2000 *
Microsoft Windows 2003 Server 2000, 2003, enterprise, enterprise_64-bit, r2, standard, web
Microsoft Windows Nt 4.0

References

NameSourceURLTags
20041126 Immunity, Inc Advisorhttp://marc.info/?l=bugtraq&m=110150370506704&w=2BUGTRAQ
13328http://secunia.com/advisories/13328/SECUNIA
1012516http://securitytracker.com/id?1012516SECTRACK
890710http://support.microsoft.com/kb/890710MSKB
P-054http://www.ciac.org/ciac/bulletins/p-054.shtmlCIAC
http://www.immunitysec.com/downloads/instantanea.pdfhttp://www.immunitysec.com/downloads/instantanea.pdfMISC
VU#145134http://www.kb.cert.org/vuls/id/145134CERT-VNPatch Third Party Advisory US Government Resource
12378http://www.osvdb.org/12378OSVDB
11763http://www.securityfocus.com/bid/11763BIDPatch Vendor Advisory
20041129 Microsoft WINS Server Vulnerabilityhttp://xforce.iss.net/xforce/alerts/id/184ISS
MS04-045https://docs.microsoft.com/en-us/security-updates/securitybulletins/2004/ms04-045MS
wins-memory-pointer-hijack(18259)https://exchange.xforce.ibmcloud.com/vulnerabilities/18259XF
oval:org.mitre.oval:def:1549https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1549OVAL
oval:org.mitre.oval:def:2541https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2541OVAL
oval:org.mitre.oval:def:2734https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2734OVAL
oval:org.mitre.oval:def:3677https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A3677OVAL
oval:org.mitre.oval:def:4372https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4372OVAL
oval:org.mitre.oval:def:4831https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4831OVAL