Lucene search

[email protected]CVE-2004-1080

HistoryJan 10, 2005 - 5:00 a.m.

CVE-2004-1080

2005-01-1005:00:00

[email protected]

web.nvd.nist.gov

wins service

windows nt

windows 2000 server

windows server 2003

remote attackers

memory locations

arbitrary code

association context vulnerability

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

7.3 High

AI Score

Confidence

Low

0.97 High

EPSS

Percentile

99.7%

JSON

The WINS service (wins.exe) on Microsoft Windows NT Server 4.0, Windows 2000 Server, and Windows Server 2003 allows remote attackers to write to arbitrary memory locations and possibly execute arbitrary code via a modified memory pointer in a WINS replication packet to TCP port 42, aka the “Association Context Vulnerability.”

Affected configurations

NVD

Node

microsoftwindows_2000

microsoftwindows_2000sp1

microsoftwindows_2000sp2

microsoftwindows_2000sp3

microsoftwindows_2000sp4

microsoftwindows_2003_serverMatch2000small_business_server

microsoftwindows_2003_serverMatch2003small_business_server

microsoftwindows_2003_serverMatchenterprise64-bit

microsoftwindows_2003_serverMatchenterprise_64-bit

microsoftwindows_2003_serverMatchr264-bit

microsoftwindows_2003_serverMatchr2datacenter_64-bit

microsoftwindows_2003_serverMatchstandard64-bit

microsoftwindows_2003_serverMatchweb

microsoftwindows_ntMatch4.0enterprise_server

microsoftwindows_ntMatch4.0server

microsoftwindows_ntMatch4.0terminal_server

microsoftwindows_ntMatch4.0sp1enterprise_server

microsoftwindows_ntMatch4.0sp1server

microsoftwindows_ntMatch4.0sp1terminal_server

microsoftwindows_ntMatch4.0sp2enterprise_server

microsoftwindows_ntMatch4.0sp2server

microsoftwindows_ntMatch4.0sp2terminal_server

microsoftwindows_ntMatch4.0sp3enterprise_server

microsoftwindows_ntMatch4.0sp3server

microsoftwindows_ntMatch4.0sp3terminal_server

microsoftwindows_ntMatch4.0sp4enterprise_server

microsoftwindows_ntMatch4.0sp4server

microsoftwindows_ntMatch4.0sp4terminal_server

microsoftwindows_ntMatch4.0sp5enterprise_server

microsoftwindows_ntMatch4.0sp5server

microsoftwindows_ntMatch4.0sp5terminal_server

microsoftwindows_ntMatch4.0sp6enterprise_server

microsoftwindows_ntMatch4.0sp6server

microsoftwindows_ntMatch4.0sp6terminal_server

microsoftwindows_ntMatch4.0sp6aenterprise_server

microsoftwindows_ntMatch4.0sp6aserver

microsoftwindows_ntMatch4.0sp6aterminal_server

CPENameOperatorVersion
microsoft:windows_2000microsoft windows 2000eq*
microsoft:windows_2003_servermicrosoft windows 2003 servereq2000
microsoft:windows_2003_servermicrosoft windows 2003 servereq2003
microsoft:windows_2003_servermicrosoft windows 2003 servereqenterprise
microsoft:windows_2003_servermicrosoft windows 2003 servereqenterprise_64-bit
microsoft:windows_2003_servermicrosoft windows 2003 servereqr2
microsoft:windows_2003_servermicrosoft windows 2003 servereqstandard
microsoft:windows_2003_servermicrosoft windows 2003 servereqweb
microsoft:windows_ntmicrosoft windows nteq4.0

CPE	Name	Operator	Version
microsoft:windows_2000	microsoft windows 2000	eq	*
microsoft:windows_2003_server	microsoft windows 2003 server	eq	2000
microsoft:windows_2003_server	microsoft windows 2003 server	eq	2003
microsoft:windows_2003_server	microsoft windows 2003 server	eq	enterprise
microsoft:windows_2003_server	microsoft windows 2003 server	eq	enterprise_64-bit
microsoft:windows_2003_server	microsoft windows 2003 server	eq	r2
microsoft:windows_2003_server	microsoft windows 2003 server	eq	standard
microsoft:windows_2003_server	microsoft windows 2003 server	eq	web
microsoft:windows_nt	microsoft windows nt	eq	4.0