CVE-2004-1080

Microsoft Windows NT/2000/Server 2003 - RCE

Title source: llm

Description

The WINS service (wins.exe) on Microsoft Windows NT Server 4.0, Windows 2000 Server, and Windows Server 2003 allows remote attackers to write to arbitrary memory locations and possibly execute arbitrary code via a modified memory pointer in a WINS replication packet to TCP port 42, aka the "Association Context Vulnerability."

Exploits (3)

exploitdb WORKING POC VERIFIED

by Metasploit · rubyremotewindows

https://www.exploit-db.com/exploits/16359

View Code ZIP pw:eip

exploitdb WORKING POC VERIFIED

by class101 · c++remotewindows

https://www.exploit-db.com/exploits/909

View Code ZIP pw:eip

metasploit WORKING POC GREAT

by hdm · rubypocwin

https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/wins/ms04_045_wins.rb

View Code ZIP pw:eip

References (18)

[Mailing List] http://marc.info/?l=bugtraq&m=110150370506704&w=2

[Vendor Advisory] http://support.microsoft.com/kb/890710

[Third Party Advisory, US Government Resource] http://www.ciac.org/ciac/bulletins/p-054.shtml

[Various Sources] http://www.immunitysec.com/downloads/instantanea.pdf

[Patch, Third Party Advisory, US Government Resource] http://www.kb.cert.org/vuls/id/145134

[Patch, Vendor Advisory] http://www.securityfocus.com/bid/11763

[Various Sources] http://xforce.iss.net/xforce/alerts/id/184

[Vendor Advisory] https://docs.microsoft.com/en-us/security-updates/securitybulletins/2004/ms04-045

[Third Party Advisory, VDB Entry] https://exchange.xforce.ibmcloud.com/vulnerabilities/18259

[Third Party Advisory, VDB Entry] http://www.osvdb.org/12378

[Third Party Advisory, VDB Entry] https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1549

[Third Party Advisory, VDB Entry] https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2541

[Third Party Advisory, VDB Entry] https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2734

[Third Party Advisory, VDB Entry] https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A3677

[Third Party Advisory, VDB Entry] https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4372

[Third Party Advisory, VDB Entry] https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4831

[Third Party Advisory, VDB Entry] http://securitytracker.com/id?1012516

[Third Party Advisory] http://secunia.com/advisories/13328/

Scores

EPSS 0.8941

EPSS Percentile 99.5%

Details

Status published

Products (9)

microsoft/windows_2000 (5 CPE variants)

microsoft/windows_2003_server 2000

microsoft/windows_2003_server 2003

microsoft/windows_2003_server enterprise

microsoft/windows_2003_server enterprise_64-bit

microsoft/windows_2003_server r2 (2 CPE variants)

microsoft/windows_2003_server standard

microsoft/windows_2003_server web

microsoft/windows_nt 4.0 (24 CPE variants)

Published Jan 10, 2005

Tracked Since Feb 18, 2026