CVE-2005-0045 – Microsoft Windows - 'SMB' Transaction Response Handling (MS05-011)
https://notcve.org/view.php?id=CVE-2005-0045
The Server Message Block (SMB) implementation for Windows NT 4.0, 2000, XP, and Server 2003 does not properly validate certain SMB packets, which allows remote attackers to execute arbitrary code via Transaction responses containing (1) Trans or (2) Trans2 commands, aka the "Server Message Block Vulnerability," and as demonstrated using Trans2 FIND_FIRST2 responses with large file name length fields. • https://www.exploit-db.com/exploits/1065 http://marc.info/?l=bugtraq&m=110792638401852&w=2 http://marc.info/?l=bugtraq&m=111040962600205&w=2 http://marc.info/?l=ntbugtraq&m=110795643831169&w=2 http://www.kb.cert.org/vuls/id/652537 http://www.securityfocus.com/bid/12484 http://www.us-cert.gov/cas/techalerts/TA05-039A.html https://docs.microsoft.com/en-us/security-updates/securitybulletins/2005/ms05-011 https://exchange.xforce.ibmcloud.com/vulnerabilities/19089 https& •
CVE-2005-0050
https://notcve.org/view.php?id=CVE-2005-0050
The License Logging service for Windows NT Server, Windows 2000 Server, and Windows Server 2003 does not properly validate the length of messages, which leads to an "unchecked buffer" and allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code, aka the "License Logging Service Vulnerability." • http://www.kb.cert.org/vuls/id/130433 http://www.us-cert.gov/cas/techalerts/TA05-039A.html https://docs.microsoft.com/en-us/security-updates/securitybulletins/2005/ms05-010 https://exchange.xforce.ibmcloud.com/vulnerabilities/19101 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2568 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A3582 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A47 • CWE-20: Improper Input Validation •
CVE-2004-0567 – Microsoft Windows Server 2000 - WINS Remote Code Execution
https://notcve.org/view.php?id=CVE-2004-0567
The Windows Internet Naming Service (WINS) in Windows NT Server 4.0 SP 6a, NT Terminal Server 4.0 SP 6, Windows 2000 Server SP3 and SP4, and Windows Server 2003 does not properly validate the computer name value in a WINS packet, which allows remote attackers to execute arbitrary code or cause a denial of service (server crash), which results in an "unchecked buffer" and possibly triggers a buffer overflow, aka the "Name Validation Vulnerability." • https://www.exploit-db.com/exploits/733 http://secunia.com/advisories/13466 http://securitytracker.com/id?1012517 http://www.ciac.org/ciac/bulletins/p-054.shtml http://www.kb.cert.org/vuls/id/378160 http://www.osvdb.org/12370 http://www.securityfocus.com/bid/11922 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2004/ms04-045 https://exchange.xforce.ibmcloud.com/vulnerabilities/18259 •
CVE-2004-1306 – Microsoft Windows XP/2000/2003 - 'winhlp32' Phrase Integer Overflow
https://notcve.org/view.php?id=CVE-2004-1306
Heap-based buffer overflow in winhlp32.exe in Windows NT, Windows 2000 through SP4, Windows XP through SP2, and Windows 2003 allows remote attackers to execute arbitrary code via a crafted .hlp file. El desbordamiento de búfer basado en memoria dinámica (heap) en winhlp32.exe en Windows NT, Windows 2000 a SP4, Windows XP a SP2 y Windows 2003 permite a los atacantes remotos ejecutar código arbitrario a través de un archivo.hlp diseñado. • https://www.exploit-db.com/exploits/25049 http://marc.info/?l=bugtraq&m=110383690219440&w=2 http://www.securityfocus.com/bid/12092 http://www.xfocus.net/flashsky/icoExp https://exchange.xforce.ibmcloud.com/vulnerabilities/18678 •
CVE-2004-1361
https://notcve.org/view.php?id=CVE-2004-1361
Integer underflow in winhlp32.exe in Windows NT, Windows 2000 through SP4, Windows XP through SP2, and Windows 2003 allows remote attackers to execute arbitrary code via a malformed .hlp file, which leads to a heap-based buffer overflow. • http://marc.info/?l=bugtraq&m=110383690219440&w=2 http://www.securityfocus.com/bid/12091 http://www.xfocus.net/flashsky/icoExp https://exchange.xforce.ibmcloud.com/vulnerabilities/18678 •