Published: 10/08/2005 Updated: 12/10/2018

CVSS v2 Base Score: 10 | Impact Score: 10 | Exploitability Score: 10

VMScore: 1000

Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C

Stack-based buffer overflow in the Plug and Play (PnP) service for Microsoft Windows 2000 and Windows XP Service Pack 1 allows remote malicious users to execute arbitrary code via a crafted packet, and local users to gain privileges via a malicious application, as exploited by the Zotob (aka Mytob) worm.

Vulnerable Product	Search on Vulmon	Subscribe to Product
microsoft windows xp
microsoft windows 2000

/* * HOD-ms05039-pnp-expl-spanishc [25Aug2005] * Very slightly modified version by Roman Medina <roman@rs-labscom> * Tested on Win2k SP4 Spanish * Original credits & comments follow */ /* HOD-ms05039-pnp-explc: 2005-08-10: PUBLIC v02 * * Copyright (c) 2005 houseofdabus * * (MS05-039) Microsoft Windows Plug-and-Play Se ...

## # $Id: ms05_039_pnprb 10190 2010-08-30 20:40:05Z jduck $ ## ## # This file is part of the Metasploit Framework and may be subject to # redistribution and commercial restrictions Please see the Metasploit # Framework web site for more information on licensing and terms of use # metasploitcom/framework/ ## require 'msf/core' class Me ...

/* HOD-ms05039-pnp-explc: 2005-08-10: PUBLIC v02 * * Copyright (c) 2005 houseofdabus * * (MS05-039) Microsoft Windows Plug-and-Play Service Remote Overflow * Universal Exploit + no crash shellcode * * * * * ::[ houseofdabus ]:: * * * * --------------------------------------------------------------------- * Descr ...

/* Windows 2000 universal exploit for MS05-039 -\x6d\x35\x6c\x30\x6e\x6e\x79- */ #define WIN32_LEAN_AND_MEAN #include <windowsh> #include <winnetwkh> #include <winsockh> #include <Rpch> #include <wcharh> #include <stdioh> #include <stdlibh> #pragma comment(lib, "mpr") #pragma comment(lib, "Rpcrt4" ...

NVD-CWE-Other http://www.us-cert.gov/cas/techalerts/TA05-221A.html http://xforce.iss.net/xforce/alerts/id/202 http://www.kb.cert.org/vuls/id/998653 http://www.ciac.org/ciac/bulletins/p-266.shtml http://www.securiteam.com/windowsntfocus/5YP0E00GKW.html http://www.frsirt.com/english/alerts/20050814.ZotobA.php http://archives.neohapsis.com/archives/fulldisclosure/2005-08/0384.html http://www.securityfocus.com/bid/14513 http://secunia.com/advisories/16372 http://securitytracker.com/id?1014640 http://www.osvdb.org/18605 http://www.hsc.fr/ressources/presentations/null_sessions/http://www.vupen.com/english/advisories/2005/1354 https://exchange.xforce.ibmcloud.com/vulnerabilities/21602 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A783 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A497 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A474 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A267 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A160 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A100073 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2005/ms05-039 https://nvd.nist.gov https://www.exploit-db.com/exploits/1179/https://www.kb.cert.org/vuls/id/998653

CVE-2005-1983

Vulnerability Summary

Exploits

References

Vulmon Search

About

Products

Connect