CVE-2005-1649

Microsoft Windows 2003 Server - Denial of Service

Title source: rule

Description

The IPv6 support in Windows XP SP2, 2003 Server SP1, and Longhorn, with Windows Firewall turned off, allows remote attackers to cause a denial of service (CPU consumption) via a TCP packet with the SYN flag set and the same destination and source address and port, a variant of CVE-2005-0688 and a reoccurrence of the "Land" vulnerability (CVE-1999-0016).

Exploits (1)

exploitdb WORKING POC VERIFIED

by RusH · cdoswindows

https://www.exploit-db.com/exploits/861

View Code ZIP pw:eip

References (3)

[Exploit, Vendor Advisory] http://www.ntbugtraq.com/default.aspx?pid=36&sid=1&A2=ind0505&L=NTBUGTRAQ&P=R409&D=0&F=N&H=0&O=D&T=0

[Third Party Advisory] http://www.vupen.com/english/advisories/2005/0559

[Exploit] http://www.securityfocus.com/bid/13658

Scores

EPSS 0.1594

EPSS Percentile 94.8%

Details

Status published

Products (7)

microsoft/windows_2003_server datacenter_64-bit sp1

microsoft/windows_2003_server enterprise (2 CPE variants)

microsoft/windows_2003_server enterprise_64-bit (2 CPE variants)

microsoft/windows_2003_server r2 (3 CPE variants)

microsoft/windows_2003_server standard (2 CPE variants)

microsoft/windows_2003_server web (2 CPE variants)

microsoft/windows_xp (12 CPE variants)

Published May 18, 2005

Tracked Since Feb 18, 2026