CVE-2004-0567

Windows NT Server 4.0 SP 6a- Windows Server 2003 - Buffer Overflow

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2004-0567. PoCs published by zuc.

AI-analyzed exploit summary This exploit targets a buffer overflow vulnerability in ZUCWins 0.1 on Windows 2000 SP3/SP4. It sends a crafted payload to port 42, triggering a remote code execution that connects back to an attacker-controlled IP and port.

Description

The Windows Internet Naming Service (WINS) in Windows NT Server 4.0 SP 6a, NT Terminal Server 4.0 SP 6, Windows 2000 Server SP3 and SP4, and Windows Server 2003 does not properly validate the computer name value in a WINS packet, which allows remote attackers to execute arbitrary code or cause a denial of service (server crash), which results in an "unchecked buffer" and possibly triggers a buffer overflow, aka the "Name Validation Vulnerability."

Exploits (1)

exploitdb WORKING POC VERIFIED

by zuc · cremotewindows

https://www.exploit-db.com/exploits/733

View Code ZIP pw:eip

This exploit targets a buffer overflow vulnerability in ZUCWins 0.1 on Windows 2000 SP3/SP4. It sends a crafted payload to port 42, triggering a remote code execution that connects back to an attacker-controlled IP and port.

Classification

Working Poc 95%

Attack Type

Rce

Complexity

Moderate

Reliability

Reliable

Target: ZUCWins 0.1 on Windows 2000 SP3/SP4

No auth needed

Prerequisites: Network access to the target on port 42 · Target running ZUCWins 0.1 on Windows 2000 SP3/SP4

MITRE ATT&CK