CVE-2005-3644

Windows 2000 SP4 and earlier - Denial of Service via UPnP DCE RPC Request

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2005-3644. PoCs published by Winny Thomas.

AI-analyzed exploit summary This exploit targets CVE-2005-3644, a DoS vulnerability in Windows UPnP service. It sends a crafted DCE RPC request to the target, causing excessive memory consumption in services.exe, leading to system unresponsiveness.

Description

PNP_GetDeviceList (upnp_getdevicelist) in UPnP for Microsoft Windows 2000 SP4 and earlier, and possibly Windows XP SP1 and earlier, allows remote attackers to cause a denial of service (memory consumption) via a DCE RPC request that specifies a large output buffer size, a variant of CVE-2006-6296, and a different vulnerability than CVE-2005-2120.

Exploits (1)

exploitdb WORKING POC VERIFIED

by Winny Thomas · cdoswindows

https://www.exploit-db.com/exploits/1328

View Code ZIP pw:eip

This exploit targets CVE-2005-3644, a DoS vulnerability in Windows UPnP service. It sends a crafted DCE RPC request to the target, causing excessive memory consumption in services.exe, leading to system unresponsiveness.

Classification

Working Poc 95%

Attack Type

Dos

Complexity

Moderate

Reliability

Reliable

Target: Microsoft Windows 2000 Server SP0, SP2, SP3 (UPnP service)

No auth needed

Prerequisites: Network access to target's UPnP service (port 139/445)

MITRE ATT&CK