Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cve[email protected]CVE-2005-0045
HistoryMay 02, 2005 - 4:00 a.m.

CVE-2005-0045

2005-05-0204:00:00
[email protected]
web.nvd.nist.gov
41
cve-2005-0045
smb
windows
remote code execution
nvd

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

7.6 High

AI Score

Confidence

Low

0.96 High

EPSS

Percentile

99.5%

JSON

The Server Message Block (SMB) implementation for Windows NT 4.0, 2000, XP, and Server 2003 does not properly validate certain SMB packets, which allows remote attackers to execute arbitrary code via Transaction responses containing (1) Trans or (2) Trans2 commands, aka the “Server Message Block Vulnerability,” and as demonstrated using Trans2 FIND_FIRST2 responses with large file name length fields.

Affected configurations

NVD
Node
microsoftwindows_2000
OR
microsoftwindows_2000sp1
OR
microsoftwindows_2000sp2
OR
microsoftwindows_2000sp3
OR
microsoftwindows_2000sp4
OR
microsoftwindows_2003_serverMatchenterprise64-bit
OR
microsoftwindows_2003_serverMatchenterprise_64-bit
OR
microsoftwindows_2003_serverMatchr264-bit
OR
microsoftwindows_2003_serverMatchr2datacenter_64-bit
OR
microsoftwindows_2003_serverMatchstandard64-bit
OR
microsoftwindows_2003_serverMatchweb
OR
microsoftwindows_ntMatch4.0enterprise_server
OR
microsoftwindows_ntMatch4.0server
OR
microsoftwindows_ntMatch4.0terminal_server
OR
microsoftwindows_ntMatch4.0workstation
OR
microsoftwindows_ntMatch4.0sp1enterprise_server
OR
microsoftwindows_ntMatch4.0sp1server
OR
microsoftwindows_ntMatch4.0sp1terminal_server
OR
microsoftwindows_ntMatch4.0sp1workstation
OR
microsoftwindows_ntMatch4.0sp2enterprise_server
OR
microsoftwindows_ntMatch4.0sp2server
OR
microsoftwindows_ntMatch4.0sp2terminal_server
OR
microsoftwindows_ntMatch4.0sp2workstation
OR
microsoftwindows_ntMatch4.0sp3enterprise_server
OR
microsoftwindows_ntMatch4.0sp3server
OR
microsoftwindows_ntMatch4.0sp3terminal_server
OR
microsoftwindows_ntMatch4.0sp3workstation
OR
microsoftwindows_ntMatch4.0sp4enterprise_server
OR
microsoftwindows_ntMatch4.0sp4server
OR
microsoftwindows_ntMatch4.0sp4terminal_server
OR
microsoftwindows_ntMatch4.0sp4workstation
OR
microsoftwindows_ntMatch4.0sp5enterprise_server
OR
microsoftwindows_ntMatch4.0sp5server
OR
microsoftwindows_ntMatch4.0sp5terminal_server
OR
microsoftwindows_ntMatch4.0sp5workstation
OR
microsoftwindows_ntMatch4.0sp6aenterprise_server
OR
microsoftwindows_ntMatch4.0sp6aserver
OR
microsoftwindows_ntMatch4.0sp6aterminal_server
OR
microsoftwindows_ntMatch4.0sp6aworkstation
OR
microsoftwindows_xp64-bit
OR
microsoftwindows_xphome
OR
microsoftwindows_xpmedia_center
OR
microsoftwindows_xpgoldprofessional
OR
microsoftwindows_xpsp164-bit
OR
microsoftwindows_xpsp1home
OR
microsoftwindows_xpsp1media_center
OR
microsoftwindows_xpsp2home
OR
microsoftwindows_xpsp2media_center
OR
microsoftwindows_xpsp2tablet_pc

Related

cvelist 1
nessus 1
checkpoint_advisories 2
nvd 1
exploitpack 1
cert 1
canvas 1
seebug 1
securityvulns 1
exploitdb 1
cvelist
cvelist
CVE-2005-0045
2005-02-08 05:00:00
nessus
nessus
MS05-011: Vulnerability in SMB may allow remote code execution (885250)
2005-02-08 00:00:00
checkpoint_advisories
checkpoint_advisories
Microsoft Windows SMB Response Handling Buffer Overflow - ver 2 (CVE-2005-0045)
2014-05-13 00:00:00
Microsoft Windows SMB Response Handling Buffer Overflow (CVE-2005-0045)
2013-09-09 00:00:00
nvd
nvd
CVE-2005-0045
2005-05-02 04:00:00
exploitpack
exploitpack
Microsoft Windows - SMB Transaction Response Handling (MS05-011)
2005-06-23 00:00:00
cert
cert
Microsoft Windows SMB packet validation vulnerability
2005-02-08 00:00:00
canvas
canvas
Immunity Canvas: GAPPLE_CLIENT
2005-05-02 04:00:00
seebug
seebug
MS Windows (SMB) Transaction Response Handling Exploit (MS05-011)
2005-06-23 00:00:00
securityvulns
securityvulns
Microsoft Security Bulletin MS05-011 Vulnerability in Server Message Block Could Allow Remote Code Execution (885250)
2005-02-09 00:00:00
exploitdb
exploitdb
Microsoft Windows - 'SMB' Transaction Response Handling (MS05-011)
2005-06-23 00:00:00

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

7.6 High

AI Score

Confidence

Low

0.96 High

EPSS

Percentile

99.5%

JSON
Related for CVE-2005-0045
cvelist1nessus1checkpoint_advisories2nvd1exploitpack1cert1canvas1seebug1securityvulns1exploitdb1