Lucene search

[email protected]CVE-2005-0051

HistoryMay 02, 2005 - 4:00 a.m.

CVE-2005-0051

2005-05-0204:00:00

[email protected]

web.nvd.nist.gov

windows xp

server service

named pipe vulnerability

information security

remote attack

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

6.2 Medium

AI Score

Confidence

Low

0.847 High

EPSS

Percentile

98.5%

JSON

The Server service (srvsvc.dll) in Windows XP SP1 and SP2 allows remote attackers to obtain sensitive information (users who are accessing resources) via an anonymous logon using a named pipe, which is not properly authenticated, aka the “Named Pipe Vulnerability.”

Affected configurations

NVD

Node

microsoftwindows_xpsp164-bit

microsoftwindows_xpsp1tablet_pc

microsoftwindows_xpsp2tablet_pc

CPENameOperatorVersion
microsoft:windows_xpmicrosoft windows xpeq*

CPE	Name	Operator	Version
microsoft:windows_xp	microsoft windows xp	eq	*

References

secunia.com/advisories/14189

securitytracker.com/id?1013112

www.kb.cert.org/vuls/id/939074

www.securityfocus.com/bid/12486

www.us-cert.gov/cas/techalerts/TA05-039A.html

docs.microsoft.com/en-us/security-updates/securitybulletins/2005/ms05-007

exchange.xforce.ibmcloud.com/vulnerabilities/19093

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2292

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A3055

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

6.2 Medium

AI Score

Confidence

Low

0.847 High

EPSS

Percentile

98.5%

JSON

Related for CVE-2005-0051

nvd1 securityvulns1 cvelist1 nessus2 cert1