CVE-2004-1080

Severity

99%

Complexity

99%

Confidentiality

165%

The WINS service (wins.exe) on Microsoft Windows NT Server 4.0, Windows 2000 Server, and Windows Server 2003 allows remote attackers to write to arbitrary memory locations and possibly execute arbitrary code via a modified memory pointer in a WINS replication packet to TCP port 42, aka the "Association Context Vulnerability."

The WINS service (wins.exe) on Microsoft Windows NT Server 4.0, Windows 2000 Server, and Windows Server 2003 allows remote attackers to write to arbitrary memory locations and possibly execute arbitrary code via a modified memory pointer in a WINS replication packet to TCP port 42, aka the "Association Context Vulnerability."

CVSS 2.0 Base Score 9.9. CVSS Attack Vector: network. CVSS Attack Complexity: low. CVSS Vector: (AV:N/AC:L/Au:N/C:C/I:C/A:C).

Overview

Type

Microsoft

First reported 20 years ago

2005-01-10 05:00:00

Last updated 5 years ago

2019-04-30 14:27:00

Affected Software

Microsoft Windows 2000

Microsoft windows 2000_sp1

Microsoft windows 2000_sp2

Microsoft windows 2000_sp3

Microsoft Windows 2000 Service Pack 4

Microsoft Windows 4.0 sp1 server

4.0

Microsoft Windows NT Terminal Server 4.0 SP1

4.0

Microsoft Windows 4.0 sp2 server

4.0

Microsoft Windows NT Terminal Server 4.0 SP2

4.0

Microsoft Windows 4.0 sp3 server

4.0

Microsoft Windows NT Terminal Server 4.0 SP3

4.0

Microsoft Windows 4.0 sp4 server

4.0

Microsoft Windows NT Terminal Server 4.0 SP4

4.0

Microsoft Windows 4.0 sp5 server

4.0

Microsoft Windows NT Terminal Server 4.0 SP5

4.0

Microsoft Windows 4.0 sp6 server

4.0

Microsoft Windows NT Terminal Server 4.0 SP6

4.0

Microsoft Windows 4.0 sp6a server

4.0

Microsoft Windows NT Terminal Server 4.0 SP6a

4.0

References

20041126 Immunity, Inc Advisor

13328

1012516

890710

P-054

http://www.immunitysec.com/downloads/instantanea.pdf

VU#145134

Patch, Third Party Advisory, US Government Resource

12378

11763

Patch, Vendor Advisory

20041129 Microsoft WINS Server Vulnerability

MS04-045

wins-memory-pointer-hijack(18259)

oval:org.mitre.oval:def:1549

oval:org.mitre.oval:def:2541

oval:org.mitre.oval:def:2734

oval:org.mitre.oval:def:3677

oval:org.mitre.oval:def:4372

oval:org.mitre.oval:def:4831

Stay updated

ExploitPedia is constantly evolving. Sign up to receive a notification when we release additional functionality.

Get in touch

If you'd like to report a bug or have any suggestions for improvements then please do get in touch with us using this form. We will get back to you as soon as we can.