Vulnerability Name: CVE-2005-0045 (CCN-19089)
Assigned: 2005-02-08
Published: 2005-02-08
Updated: 2019-04-30
Summary: The Server Message Block (SMB) implementation for Windows NT 4.0, 2000, XP, and Server 2003 does not properly validate certain SMB packets, which allows remote attackers to execute arbitrary code via Transaction responses containing (1) Trans or (2) Trans2 commands, aka the "Server Message Block Vulnerability," and as demonstrated using Trans2 FIND_FIRST2 responses with large file name length fields.

CVSS v3 Severity: 7.3 High (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L)
  Exploitability Metrics:
    Attack Vector (AV): Network
    Attack Complexity (AC): Low
    Privileges Required (PR): None
    User Interaction (UI): None
  Scope:
    Scope (S): Unchanged
  Impact Metrics:
    Confidentiality (C): Low
    Integrity (I): Low
    Availability (A): Low

CVSS v2 Severity: 7.5 High (CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P)
  Exploitability Metrics:
    Access Vector (AV): Network
    Access Complexity (AC): Low
    Authentication (Au): None
  Impact Metrics:
    Confidentiality (C): Partial
    Integrity (I): Partial
    Availability (A): Partial

7.5 High (CCN CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P)
  Exploitability Metrics:
    Access Vector (AV): Network
    Access Complexity (AC): Low
    Authentication (Au): None
  Impact Metrics:
    Confidentiality (C): Partial
    Integrity (I): Partial
    Availability (A): Partial

Vulnerability Type: CWE-Other
Vulnerability Consequences: Gain Access

References:
Source: CCN Type: Microsoft Security Response Center Blog - Thursday, May 25, 2006 10:59 PM
  Incorrect reports of a new Windows 2000 SMB vulnerability
Source: MITRE Type: CNA
  CVE-2005-0045
Source: CCN Type: Dailydave Mailing List, Sun May 21 19:08:00 EST 2006
  ID, Apples
Source: CCN Type: Dailydave Mailing List, Wed May 24 23:41:24 EST 2006
  Re: ID, Apples
Source: BUGTRAQ Type: UNKNOWN
  20050209 EEYE: Windows SMB Client Transaction Response Handling Vulnerability
Source: BUGTRAQ Type: UNKNOWN
  20050309 Update: MS05-011 EEYE: Windows SMB Client Transaction Response Handling Vulnerability
Source: NTBUGTRAQ Type: UNKNOWN
  20050209 EEYE: Windows SMB Client Transaction Response Handling Vulnerability
Source: CCN Type: CIAC Information Bulletin P-129
  Microsoft Vulnerability in Server Message Block
Source: CCN Type: eEye Digital Security Advisory AD20050208
  Windows SMB Client Transaction Response Handling Vulnerability
Source: CCN Type: US-CERT VU#652537
  Microsoft Windows SMB packet validation vulnerability
Source: CERT-VN Type: Patch, Third Party Advisory, US Government Resource
  VU#652537
Source: CCN Type: Microsoft Security Bulletin MS05-011
  Vulnerability in Server Message Block Could Allow Remote Code Execution (885250)
Source: CCN Type: Microsoft Security Bulletin MS06-030
  Vulnerability in Server Message Block Could Allow Elevation of Privilege (914389)
Source: CCN Type: Microsoft Security Bulletin MS08-068
  Vulnerability in SMB Could Allow Remote Code Execution (957097)
Source: CCN Type: Microsoft Security Bulletin MS10-006
  Vulnerabilities in SMB Client Could Allow Remote Code Execution (978251)
Source: CCN Type: Microsoft Security Bulletin MS10-020
  Vulnerabilities in SMB Client Could Allow Remote Code Execution (980232)
Source: CCN Type: Microsoft Security Bulletin MS11-019
  Vulnerabilities in SMB Client Could Allow Remote Code Execution (2511455)
Source: CCN Type: Microsoft Security Bulletin MS11-043
  Vulnerability in SMB Client Could Allow Remote Code Execution (2536276)
Source: BID Type: UNKNOWN
  12484
Source: CCN Type: BID-12484
  Microsoft Windows Server Message Block Handlers Remote Buffer Overflow Vulnerability
Source: CERT Type: Patch, Third Party Advisory, US Government Resource
  TA05-039A
Source: CCN Type: Internet Security Systems Protection Alert February 8, 2005
  Multiple Vulnerabilities in Microsoft Products - February 2005
Source: MS Type: UNKNOWN
  MS05-011
Source: XF Type: UNKNOWN
  win-smb-code-execution(19089)
Source: OVAL Type: UNKNOWN
  oval:org.mitre.oval:def:1606
Source: OVAL Type: UNKNOWN
  oval:org.mitre.oval:def:1847
Source: OVAL Type: UNKNOWN
  oval:org.mitre.oval:def:1889
Source: OVAL Type: UNKNOWN
  oval:org.mitre.oval:def:4043

Vulnerable Configuration:
Configuration 1:
  cpe:/o:microsoft:windows_2000:*:*:*:*:*:*:*:* OR
  cpe:/o:microsoft:windows_2000:*:sp1:*:*:*:*:*:* OR
  cpe:/o:microsoft:windows_2000:*:sp2:*:*:*:*:*:* OR
  cpe:/o:microsoft:windows_2000:*:sp3:*:*:*:*:*:* OR
  cpe:/o:microsoft:windows_2000:*:sp4:*:*:*:*:*:* OR
  cpe:/o:microsoft:windows_2003_server:enterprise:*:64-bit:*:*:*:*:* OR
  cpe:/o:microsoft:windows_2003_server:enterprise_64-bit:*:*:*:*:*:*:* OR
  cpe:/o:microsoft:windows_2003_server:r2:*:64-bit:*:*:*:*:* OR
  cpe:/o:microsoft:windows_2003_server:r2:*:datacenter_64-bit:*:*:*:*:* OR
  cpe:/o:microsoft:windows_2003_server:standard:*:64-bit:*:*:*:*:* OR
  cpe:/o:microsoft:windows_2003_server:web:*:*:*:*:*:*:* OR
  cpe:/o:microsoft:windows_nt:4.0:*:enterprise_server:*:*:*:*:* OR
  cpe:/o:microsoft:windows_nt:4.0:*:server:*:*:*:*:* OR
  cpe:/o:microsoft:windows_nt:4.0:*:terminal_server:*:*:*:*:* OR
  cpe:/o:microsoft:windows_nt:4.0:*:workstation:*:*:*:*:* OR
  cpe:/o:microsoft:windows_nt:4.0:sp1:enterprise_server:*:*:*:*:* OR
  cpe:/o:microsoft:windows_nt:4.0:sp1:*:*:server:*:x86:* OR
  cpe:/o:microsoft:windows_nt:4.0:sp1:*:*:terminal_server:*:x86:* OR
  cpe:/o:microsoft:windows_nt:4.0:sp1:*:*:workstation:*:x86:* OR
  cpe:/o:microsoft:windows_nt:4.0:sp2:enterprise_server:*:*:*:*:* OR
  cpe:/o:microsoft:windows_nt:4.0:sp2:*:*:server:*:x86:* OR
  cpe:/o:microsoft:windows_nt:4.0:sp2:*:*:terminal_server:*:x86:* OR
  cpe:/o:microsoft:windows_nt:4.0:sp2:*:*:workstation:*:x86:* OR
  cpe:/o:microsoft:windows_nt:4.0:sp3:enterprise_server:*:*:*:*:* OR
  cpe:/o:microsoft:windows_nt:4.0:sp3:*:*:server:*:x86:* OR
  cpe:/o:microsoft:windows_nt:4.0:sp3:*:*:terminal_server:*:x86:* OR
  cpe:/o:microsoft:windows_nt:4.0:sp3:*:*:workstation:*:x86:* OR
  cpe:/o:microsoft:windows_nt:4.0:sp4:enterprise_server:*:*:*:*:* OR
  cpe:/o:microsoft:windows_nt:4.0:sp4:*:*:server:*:x86:* OR
  cpe:/o:microsoft:windows_nt:4.0:sp4:*:*:terminal_server:*:x86:* OR
  cpe:/o:microsoft:windows_nt:4.0:sp4:*:*:workstation:*:x86:* OR
  cpe:/o:microsoft:windows_nt:4.0:sp5:enterprise_server:*:*:*:*:* OR
  cpe:/o:microsoft:windows_nt:4.0:sp5:*:*:server:*:x86:* OR
  cpe:/o:microsoft:windows_nt:4.0:sp5:*:*:terminal_server:*:x86:* OR
  cpe:/o:microsoft:windows_nt:4.0:sp5:*:*:workstation:*:x86:* OR
  cpe:/o:microsoft:windows_nt:4.0:sp6a:enterprise_server:*:*:*:*:* OR
  cpe:/o:microsoft:windows_nt:4.0:sp6a:*:*:server:*:x86:* OR
  cpe:/o:microsoft:windows_nt:4.0:sp6a:*:*:terminal_server:*:x86:* OR
  cpe:/o:microsoft:windows_nt:4.0:sp6a:*:*:workstation:*:x86:* OR
  cpe:/o:microsoft:windows_xp:*:*:64-bit:*:*:*:*:* OR
  cpe:/o:microsoft:windows_xp:*:*:home:*:*:*:*:* OR
  cpe:/o:microsoft:windows_xp:*:*:media_center:*:*:*:*:* OR
  cpe:/o:microsoft:windows_xp:*:gold:professional:*:*:*:*:* OR
  cpe:/o:microsoft:windows_xp:*:sp1:64-bit:*:*:*:*:* OR
  cpe:/o:microsoft:windows_xp:*:sp1:home:*:*:*:*:* OR
  cpe:/o:microsoft:windows_xp:*:sp1:media_center:*:*:*:*:* OR
  cpe:/o:microsoft:windows_xp:*:sp2:home:*:*:*:*:* OR
  cpe:/o:microsoft:windows_xp:*:sp2:media_center:*:*:*:*:* OR
  cpe:/o:microsoft:windows_xp:*:sp2:tablet_pc:*:*:*:*:*
Configuration CCN 1:
  cpe:/o:microsoft:windows_2000:-:sp3:*:*:*:*:*:* OR
  cpe:/o:microsoft:windows_xp:-:sp1:*:*:*:*:*:* OR
  cpe:/o:microsoft:windows_2000:-:sp4:*:*:*:*:*:* OR
  cpe:/o:microsoft:windows_2003_server:*:*:*:*:*:*:*:* OR
  cpe:/o:microsoft:windows:xp:sp2:*:*:*:*:*:* OR
  cpe:/o:microsoft:windows_2003_server:-::~~~~itanium~:*:*:*:*:*