Vulnonym.org

CVE-2004-1080 - Advanced Inevitable

Description

The WINS service (wins.exe) on Microsoft Windows NT Server 4.0 Windows 2000 Server and Windows Server 2003 allows remote attackers to write to arbitrary memory locations and possibly execute arbitrary code via a modified memory pointer in a WINS replication packet to TCP port 42 aka the \Association Context Vulnerability.\

Reference

http://www.securityfocus.com/bid/11763 http://www.kb.cert.org/vuls/id/145134 http://www.immunitysec.com/downloads/instantanea.pdf http://xforce.iss.net/xforce/alerts/id/184 http://support.microsoft.com/kb/890710 http://www.ciac.org/ciac/bulletins/p-054.shtml http://secunia.com/advisories/13328/ http://www.osvdb.org/12378 http://securitytracker.com/id?1012516 http://marc.info/?l=bugtraq&m=110150370506704&w=2 https://exchange.xforce.ibmcloud.com/vulnerabilities/18259 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4831 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4372 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A3677 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2734 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2541 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1549 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2004/ms04-045