Lucene search
SAINT CorporationSAINT:D9AEEEDEF29A5AABFC40DB8BC7628AD3HistoryFeb 10, 2006 - 12:00 a.m.
Microsoft WINS replication service pointer corruption
2006-02-1000:00:00
SAINT Corporation
www.saintcorporation.com
8
0.97 High
EPSS
Percentile
99.7%
Added: 02/10/2006
CVE: CVE-2004-1080
BID: 11763
OSVDB: 12378
Background
The Windows Internet Naming Service (WINS) maps Netbios names to IP addresses. The WINS replication service runs on port 42/TCP and allows WINS servers to share Netbios name information with other WINS servers.
Problem
The WINS replication protocol allows the client to modify the memory pointer which is used in the communication which follows, leading to command execution.
Resolution
Install the patch referenced in Microsoft Security Bulletin 04-045.
References
<http://www.immunitysec.com/downloads/instantanea.pdf>
Platforms
Windows
Related
cve
cve
CVE-2004-1080
2005-01-10 05:00:00
checkpoint_advisories
checkpoint_advisories
Microsoft WINS Replication Attack (CVE-2004-1080)
2004-12-01 00:00:00
nvd
nvd
CVE-2004-1080
2005-01-10 05:00:00
cert
cert
canvas
canvas
Immunity Canvas: MSWINSTCP
2005-01-10 05:00:00
saint
saint
Microsoft WINS replication service pointer corruption
2006-02-10 00:00:00
Microsoft WINS replication service pointer corruption
2006-02-10 00:00:00
Microsoft WINS replication service pointer corruption
2006-02-10 00:00:00
cvelist
cvelist
CVE-2004-1080
2004-12-01 05:00:00
packetstorm
packetstorm
Microsoft WINS Service Memory Overwrite
2009-11-26 00:00:00
securityvulns
securityvulns
nessus
nessus
MS04-035: WINS Code Execution (870763) (uncredentialed check)
2004-12-15 00:00:00
MS04-045: WINS Code Execution (870763)
2004-12-14 00:00:00