CVE-2005-0059

Microsoft Windows 2000 and XP SP1 - Remote Code Execution via Message Queuing Buffer Overflow

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 3 public exploits for CVE-2005-0059. PoCs published by Metasploit, houseofdabus, hdm, including Metasploit module exploits/windows/dcerpc/ms05_017_msmq.

AI-analyzed exploit summary This is a Metasploit module exploiting a stack buffer overflow in the Microsoft Message Queueing (MSMQ) service via a maliciously crafted RPC request. The exploit leverages SEH overwrites and requires the target's NetBIOS hostname for reliable exploitation.

Description

Buffer overflow in the Message Queuing component of Microsoft Windows 2000 and Windows XP SP1 allows remote attackers to execute arbitrary code via a crafted message.

Exploits (3)

exploitdb WORKING POC VERIFIED
by Metasploit · rubyremotewindows
https://www.exploit-db.com/exploits/16747

This is a Metasploit module exploiting a stack buffer overflow in the Microsoft Message Queueing (MSMQ) service via a maliciously crafted RPC request. The exploit leverages SEH overwrites and requires the target's NetBIOS hostname for reliable exploitation.

Classification
Working Poc 100%
Attack Type
Rce
Complexity
Moderate
Reliability
Reliable
Target: Microsoft Message Queueing Service (MSMQ) on Windows 2000 and Windows XP SP0-SP1
No auth needed
Prerequisites: Target's NetBIOS hostname · Access to TCP port 2103
devstral-2 · analyzed Feb 16, 2026 Full analysis →
exploitdb WORKING POC VERIFIED
by houseofdabus · cremotewindows
https://www.exploit-db.com/exploits/1075

This exploit targets CVE-2005-0059, a buffer overflow in Microsoft Message Queuing (MSMQ) service. It crafts a malicious DCE/RPC bind request to trigger remote code execution on vulnerable systems.

Classification
Working Poc 95%
Attack Type
Rce
Complexity
Moderate
Reliability
Reliable
Target: Microsoft Message Queuing (MSMQ) on Windows 2000/XP
No auth needed
Prerequisites: Network access to target's MSMQ service (port 2103)
devstral-2 · analyzed Feb 16, 2026 Full analysis →
metasploit WORKING POC GOOD
by hdm · rubypocwin
https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/dcerpc/ms05_017_msmq.rb

This Metasploit module exploits a stack buffer overflow in the Microsoft Message Queueing (MSMQ) service via a maliciously crafted RPC request. The exploit leverages SEH overwrites and requires the target's NetBIOS hostname for reliable exploitation.

Classification
Working Poc 100%
Attack Type
Rce
Complexity
Moderate
Reliability
Reliable
Target: Microsoft Message Queueing Service (MSMQ) on Windows 2000 / Windows XP SP0-SP1
No auth needed
Prerequisites: Target hostname (NetBIOS name) · Access to TCP port 2103 (or remapped from 445/139)
devstral-2 · analyzed Feb 19, 2026 Full analysis →

References (3)

Core 3
Core References
Third Party Advisory, VDB Entry vdb-entry signature x_refsource_oval
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4988
Third Party Advisory, VDB Entry vdb-entry signature x_refsource_oval
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4384

Scores

EPSS 0.7387
EPSS Percentile 99.4%

Details

Status published
Products (4)
microsoft/windows_2000 (5 CPE variants)
microsoft/windows_98
microsoft/windows_98se
microsoft/windows_xp (10 CPE variants)
Published May 02, 2005
Tracked Since Feb 18, 2026