[email protected]CVE-2005-1985

HistoryOct 13, 2005 - 10:02 a.m.

CVE-2005-1985

2005-10-1310:02:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

netware

microsoft

windows

cve-2005-1985

security vulnerability

remote code execution

network messages

buffer overflow

7.7 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.216 Low

EPSS

Percentile

96.4%

JSON

The Client Service for NetWare (CSNW) on Microsoft Windows 2000 SP4, XP SP1 and Sp2, and Server 2003 SP1 and earlier, allows remote attackers to execute arbitrary code due to an “unchecked buffer” when processing certain crafted network messages.

CPENameOperatorVersion
microsoft:windows_xpmicrosoft windows xpeq*
microsoft:windows_2003_servermicrosoft windows 2003 servereqsp1
microsoft:windows_2003_servermicrosoft windows 2003 servereqr2
microsoft:windows_2000microsoft windows 2000eq*

CPE	Name	Operator	Version
microsoft:windows_xp	microsoft windows xp	eq	*
microsoft:windows_2003_server	microsoft windows 2003 server	eq	sp1
microsoft:windows_2003_server	microsoft windows 2003 server	eq	r2
microsoft:windows_2000	microsoft windows 2000	eq	*

References

secunia.com/advisories/17165

securitytracker.com/id?1015041

www.osvdb.org/19922

www.securityfocus.com/bid/15066

docs.microsoft.com/en-us/security-updates/securitybulletins/2005/ms05-046

exchange.xforce.ibmcloud.com/vulnerabilities/21700

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1106

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1210

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1536

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1544

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A910

7.7 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.216 Low

EPSS

Percentile

96.4%

JSON

Related for CVE-2005-1985

checkpoint_advisories1 securityvulns1 canvas1 nessus2