CVE-2005-1649

Windows 2003 Server and XP - Denial of Service via IPv6 Land Attack

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2005-1649. PoCs published by RusH.

AI-analyzed exploit summary This exploit sends a malformed TCP SYN packet to trigger a remote DoS in Windows Server 2003 and XP SP2. It crafts a raw IP packet with a TCP header and sends it to the target, causing the system to crash.

Description

The IPv6 support in Windows XP SP2, 2003 Server SP1, and Longhorn, with Windows Firewall turned off, allows remote attackers to cause a denial of service (CPU consumption) via a TCP packet with the SYN flag set and the same destination and source address and port, a variant of CVE-2005-0688 and a reoccurrence of the "Land" vulnerability (CVE-1999-0016).

Exploits (1)

exploitdb WORKING POC VERIFIED
by RusH · cdoswindows
https://www.exploit-db.com/exploits/861

This exploit sends a malformed TCP SYN packet to trigger a remote DoS in Windows Server 2003 and XP SP2. It crafts a raw IP packet with a TCP header and sends it to the target, causing the system to crash.

Classification
Working Poc 95%
Attack Type
Dos
Complexity
Moderate
Reliability
Reliable
Target: Windows Server 2003 and Windows XP SP2
No auth needed
Prerequisites: raw socket permissions · target IP and port
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (3)

Core 3
Core References
Third Party Advisory vdb-entry x_refsource_vupen
http://www.vupen.com/english/advisories/2005/0559
Exploit vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/13658

Scores

EPSS 0.2178
EPSS Percentile 97.3%

Details

Status published
Products (7)
microsoft/windows_2003_server datacenter_64-bit sp1
microsoft/windows_2003_server enterprise (2 CPE variants)
microsoft/windows_2003_server enterprise_64-bit (2 CPE variants)
microsoft/windows_2003_server r2 (3 CPE variants)
microsoft/windows_2003_server standard (2 CPE variants)
microsoft/windows_2003_server web (2 CPE variants)
microsoft/windows_xp (12 CPE variants)
Published May 18, 2005
Tracked Since Feb 18, 2026