CVE-2005-1985

2005-10-1310:02:00

[email protected]

web.nvd.nist.gov

netware

microsoft

windows

cve-2005-1985

security vulnerability

remote code execution

network messages

buffer overflow

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

7.6 High

AI Score

Confidence

Low

0.216 Low

EPSS

Percentile

96.5%

JSON

The Client Service for NetWare (CSNW) on Microsoft Windows 2000 SP4, XP SP1 and Sp2, and Server 2003 SP1 and earlier, allows remote attackers to execute arbitrary code due to an “unchecked buffer” when processing certain crafted network messages.

Affected configurations

NVD

Node

microsoftwindows_2000sp4fr

microsoftwindows_2003_serverMatchr2

microsoftwindows_2003_serverMatchsp1

microsoftwindows_xpsp1tablet_pc

microsoftwindows_xpsp2tablet_pc

CPENameOperatorVersion
microsoft:windows_2000microsoft windows 2000eq*
microsoft:windows_2003_servermicrosoft windows 2003 servereqr2
microsoft:windows_2003_servermicrosoft windows 2003 servereqsp1
microsoft:windows_xpmicrosoft windows xpeq*

CPE	Name	Operator	Version
microsoft:windows_2000	microsoft windows 2000	eq	*
microsoft:windows_2003_server	microsoft windows 2003 server	eq	r2
microsoft:windows_2003_server	microsoft windows 2003 server	eq	sp1
microsoft:windows_xp	microsoft windows xp	eq	*