5
CVSSv2

CVE-2005-1218

CVSSv4: NA | CVSSv3: NA | CVSSv2: 5 | VMScore: 600 | EPSS: 0.18916 | KEV: Not Included
Published: 10/08/2005 Updated: 20/11/2024

Vulnerability Summary

The Microsoft Windows kernel in Microsoft Windows 2000 Server, Windows XP, and Windows Server 2003 allows remote malicious users to cause a denial of service (crash) via crafted Remote Desktop Protocol (RDP) requests.

Vulnerable Product Search on Vulmon Subscribe to Product

microsoft windows 2000

microsoft windows 2003 server datacenter 64-bit

microsoft windows 2003 server enterprise

microsoft windows 2003 server enterprise 64-bit

microsoft windows 2003 server r2

microsoft windows 2003 server standard

microsoft windows 2003 server standard 64-bit

microsoft windows 2003 server web

microsoft windows xp

Exploits

// get SPIKE here: wwwimmunityseccom/resources-freesoftwareshtml /str0ke // // Windows XP SP2 'rdpwdsys' Remote Kernel DoS // // Discovered by: // Tom Ferris // tommy[at]security-protocols[dot]com // // Tested on: // Microsoft Windows XP SP2 // // Usage (SPIKE) : /generic_send_tcp 1921681100 3389 remoteassspk 1 0 // // 8/9/2005 ...

Github Repositories

SNORT_Rules i have added some rules that APP-DETECT this me adding the rules with this command ( sudo vim /etc/snort/rules/localrules ) and this is after i started snort to sniff around with this command ( sudo snort -q -l /var/log/snort -i eth0 -A console -c /etc/snort/snortconf ) and down their is all the rule i have added I have used snorpy to make thies rules it is amaz

References

NVD-CWE-Otherhttps://nvd.nist.govhttps://github.com/Drakjowolfx/SNORT_Ruleshttps://www.exploit-db.com/exploits/1143/https://www.kb.cert.org/vuls/id/490628https://www.first.org/epsshttp://marc.info/?l=bugtraq&m=112146383919436&w=2http://security-protocols.com/modules.php?name=News&file=article&sid=2783http://www.kb.cert.org/vuls/id/490628http://www.microsoft.com/technet/security/advisory/904797.mspxhttp://www.securityfocus.com/bid/14259http://www.us-cert.gov/cas/techalerts/TA05-221A.htmlhttps://docs.microsoft.com/en-us/security-updates/securitybulletins/2005/ms05-041https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A100092https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A180https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A346https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A376https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A609https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A618https://www.immunitysec.com/pipermail/dailydave/2005-July/002188.htmlhttp://marc.info/?l=bugtraq&m=112146383919436&w=2http://security-protocols.com/modules.php?name=News&file=article&sid=2783http://www.kb.cert.org/vuls/id/490628http://www.microsoft.com/technet/security/advisory/904797.mspxhttp://www.securityfocus.com/bid/14259http://www.us-cert.gov/cas/techalerts/TA05-221A.htmlhttps://docs.microsoft.com/en-us/security-updates/securitybulletins/2005/ms05-041https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A100092https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A180https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A346https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A376https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A609https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A618https://www.immunitysec.com/pipermail/dailydave/2005-July/002188.html