CVE-2005-1218

Microsoft Windows 2000, XP, and Server 2003 - Denial of Service via Remote Desktop Protocol

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2005-1218.

AI-analyzed exploit summary This is a SPIKE script designed to trigger a remote kernel DoS in Windows XP SP2 via a malformed RDP packet targeting the 'rdpwd.sys' driver. The exploit sends crafted binary data to port 3389, causing a system crash.

Description

The Microsoft Windows kernel in Microsoft Windows 2000 Server, Windows XP, and Windows Server 2003 allows remote attackers to cause a denial of service (crash) via crafted Remote Desktop Protocol (RDP) requests.

Exploits (1)

exploitdb WORKING POC

doswindows

https://www.exploit-db.com/exploits/1143

View Code ZIP pw:eip

This is a SPIKE script designed to trigger a remote kernel DoS in Windows XP SP2 via a malformed RDP packet targeting the 'rdpwd.sys' driver. The exploit sends crafted binary data to port 3389, causing a system crash.

Classification

Working Poc 90%

Attack Type

Dos

Complexity

Trivial

Reliability

Reliable

Target: Microsoft Windows XP SP2

No auth needed

Prerequisites: Network access to target's RDP port (3389)

MITRE ATT&CK

T1499 - Endpoint Denial of Service

devstral-2 · analyzed Feb 19, 2026 Full analysis →

References (14)

Core 14

Core References

Vendor Advisory vendor-advisory x_refsource_ms

https://docs.microsoft.com/en-us/security-updates/securitybulletins/2005/ms05-041

Patch vdb-entry x_refsource_bid

http://www.securityfocus.com/bid/14259

Mailing List mailing-list x_refsource_bugtraq

http://marc.info/?l=bugtraq&m=112146383919436&w=2

Patch, US Government Resource third-party-advisory x_refsource_cert

http://www.us-cert.gov/cas/techalerts/TA05-221A.html

Various Sources mailing-list x_refsource_mlist

https://www.immunitysec.com/pipermail/dailydave/2005-July/002188.html

Third Party Advisory, VDB Entry vdb-entry signature x_refsource_oval

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A609

Third Party Advisory, VDB Entry vdb-entry signature x_refsource_oval

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A346

Third Party Advisory, VDB Entry vdb-entry signature x_refsource_oval

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A618

Third Party Advisory, VDB Entry vdb-entry signature x_refsource_oval

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A376

Third Party Advisory, VDB Entry vdb-entry signature x_refsource_oval

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A100092

Patch, Vendor Advisory x_refsource_confirm

http://www.microsoft.com/technet/security/advisory/904797.mspx

Various Sources x_refsource_misc

http://security-protocols.com/modules.php?name=News&file=article&sid=2783

Third Party Advisory, VDB Entry vdb-entry signature x_refsource_oval

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A180

US Government Resource third-party-advisory x_refsource_cert-vn

http://www.kb.cert.org/vuls/id/490628

Scores

EPSS 0.5734

EPSS Percentile 99.0%

Details

Status published

Products (9)

microsoft/windows_2000 (5 CPE variants)

microsoft/windows_2003_server datacenter_64-bit sp1

microsoft/windows_2003_server enterprise (2 CPE variants)

microsoft/windows_2003_server enterprise_64-bit (2 CPE variants)

microsoft/windows_2003_server r2 (3 CPE variants)

microsoft/windows_2003_server standard (2 CPE variants)

microsoft/windows_2003_server standard_64-bit

microsoft/windows_2003_server web (2 CPE variants)

microsoft/windows_xp (6 CPE variants)

Published Aug 10, 2005

Tracked Since Feb 18, 2026