CVE-2003-0825

Public PoC / Exploit

No public PoC or exploit code indexed for this CVE.

Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.

Description

The Windows Internet Naming Service (WINS) for Microsoft Windows Server 2003, and possibly Windows NT and Server 2000, does not properly validate the length of certain packets, which allows attackers to cause a denial of service and possibly execute arbitrary code.

Weaknesses (CWE)

CWE-20

Affected Products (34)

microsoft · windows_2000vulnerable

microsoft · windows_2003_servervulnerable

References (20)

http://www.ciac.org/ciac/bulletins/o-077.shtml

http://www.kb.cert.org/vuls/id/445214

US Government Resource

http://www.osvdb.org/3903

http://www.securityfocus.com/bid/9624

PatchVendor Advisory

https://docs.microsoft.com/en-us/security-updates/securitybulletins/2004/ms04-006

https://exchange.xforce.ibmcloud.com/vulnerabilities/15037

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A704

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A800

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A801