10 matches found
Zotob Worm Infection (Shell)
Binary data 3166.prm...
Zotob Worm Infection (FTP)
Binary data 3165.prm...
Zotob Worm Detection
A Microsoft Windows shell is running on port 8888. This may indicate an infection by the Zotob worm, although other worms may also create a shell on this port. C Tenable Network Security, Inc. include"compat.inc"; ifdescription scriptid19429; scriptversion"1.10"; scriptnameenglish:"Zotob Worm...
Zotob Worm Infection (Microsoft)
Binary data 3164.prm...
CVE-2005-1983
Stack-based buffer overflow in the Plug and Play PnP service for Microsoft Windows 2000 and Windows XP Service Pack 1 allows remote attackers to execute arbitrary code via a crafted packet, and local users to gain privileges via a malicious application, as exploited by the Zotob aka Mytob worm...
CVE-2005-1983
Stack-based buffer overflow in the Plug and Play PnP service for Microsoft Windows 2000 and Windows XP Service Pack 1 allows remote attackers to execute arbitrary code via a crafted packet, and local users to gain privileges via a malicious application, as exploited by the Zotob aka Mytob worm...
CVE-2005-1983
CVE-2005-1983 involves a stack-based buffer overflow in the Windows Plug and Play (PnP) service. Public details in connected sources describe a remote-code-execution vulnerability that can be triggered by a crafted PnP RPC packet, affecting Windows 2000 and Windows XP with SP1, and was notably ex...
MS05-039: Vulnerability in Plug and Play Could Allow Remote Code Execution and Elevation of Privilege (899588)
The remote version of Windows contains a flaw in the function PNPQueryResConfList in the Plug and Play service that could allow an attacker to execute arbitrary code on the remote host with the SYSTEM privileges. A series of worms Zotob are known to exploit this vulnerability in the wild. Tenable...
VulnCheck KEV: CVE-2005-1983
Stack-based buffer overflow in the Plug and Play PnP service for Microsoft Windows 2000 and Windows XP Service Pack 1 allows remote attackers to execute arbitrary code via a crafted packet, and local users to gain privileges via a malicious application, as exploited by the Zotob aka Mytob worm...
MS05-039: Vulnerability in Plug and Play Service Could Allow Remote Code Execution (899588) (uncredentialed check)
The remote version of Windows contains a flaw in the function 'PNPQueryResConfList' in the Plug and Play service that may allow an attacker to execute arbitrary code on the remote host with SYSTEM privileges. A series of worms Zotob are known to exploit this vulnerability in the wild. C Tenable...