Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
6.5
CVSSv2

CVE-2005-2120

Published: 13/10/2005 Updated: 12/10/2018
CVSS v2 Base Score: 6.5 | Impact Score: 6.4 | Exploitability Score: 8
VMScore: 660
Vector: AV:N/AC:L/Au:S/C:P/I:P/A:P
Subscribe to Microsoft

Vulnerability Summary

Stack-based buffer overflow in the Plug and Play (PnP) service (UMPNPMGR.DLL) in Microsoft Windows 2000 SP4, and XP SP1 and SP2, allows remote or local authenticated malicious users to execute arbitrary code via a large number of "\" (backslash) characters in a registry key name, which triggers the overflow in a wsprintfW function call.

Vulnerable Product Search on Vulmon Subscribe to Product

microsoft windows xp

microsoft windows 2000

Exploits

Exploit DB: 20051021.MS05-047.c
Microsoft Windows Plug and Play "Umpnpmgrdll" Remote Exploit (MS05-047) Date : 21/10/2005Advisory : [25]FrSIRT/ADV-2005-2044CVE ID : [26]CVE-2005-2120Rated as : [27]High Risk [3gif] #include <stdioh>#include <windowsh>#pragma comment(lib, "mpr")#pragma comment(lib, "Rpcrt4")unsigned char szBindString[] ={0x05,0x00,0x0b,0x03,0x1 ...
Exploit DB: Microsoft Windows Plug-and-Play - 'Umpnpmgr.dll' Denial of Service (MS05-047) (2)
// tested and approved /str0ke /* Program: Denial of Service attack for MS UMPNPMGR PNP_GetDeviceList * Author: Winny Thomas * Vulnerability: no length checking on passed parameter to PNP_GetDeviceList in UMPNPMGRdll * Note: The code crashes servicesexe on the target, effectively bringing down the target against which its run * This code is ...
Exploit DB: Microsoft Windows Plug-and-Play - 'Umpnpmgr.dll' Denial of Service (MS05-047) (1)
#include <stdioh> #include <windowsh> #pragma comment(lib, "mpr") #pragma comment(lib, "Rpcrt4") unsigned char szBindString[] = { 0x05,0x00,0x0b,0x03,0x10,0x00,0x00,0x00,0x48,0x00,0x00,0x00,0x01,0x00,0x00,0x00, 0xb8,0x10,0xb8,0x10,0x00,0x00,0x00,0x00,0x01,0x00,0x00,0x00,0x00,0x00,0x01,0x00, 0x40,0x4e,0x9f,0x8d, ...

Github Repositories

https://github.com/x00itachi/metasploit-exploit-search-online

this script search exploit online using shell script

Online MSF reference checker This script will get the input of any reference and give you the msf exploit name and it's howto Input USAGE:/msf-chksh <reference> Eg: /msf-chksh CVE-1999-0256 Eg: /msf-chksh BID-36075 Eg: /msf-chksh OSVDB-18830 Eg: /msf-chksh MSB-MS02-039 To get the output as csv format USAGE:/m

References

NVD-CWE-Otherhttp://www.us-cert.gov/cas/techalerts/TA05-284A.htmlhttp://www.kb.cert.org/vuls/id/214572http://www.osvdb.org/18830http://www.eeye.com/html/research/advisories/AD20051011c.htmlhttp://securitytracker.com/id?1015042http://www.securityfocus.com/bid/15065http://secunia.com/advisories/17166http://support.avaya.com/elmodocs2/security/ASA-2005-214.pdfhttp://secunia.com/advisories/17172http://secunia.com/advisories/17223http://securityreason.com/securityalert/71https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1519https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1328https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1244https://docs.microsoft.com/en-us/security-updates/securitybulletins/2005/ms05-047https://nvd.nist.govhttps://github.com/x00itachi/metasploit-exploit-search-onlinehttps://packetstormsecurity.com/files/41260/20051021.MS05-047.c.htmlhttps://www.exploit-db.com/exploits/1271/https://www.kb.cert.org/vuls/id/214572
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-21991CVE-2024-32674path traversalCVE-2023-21987denial of servicedosCVE-2024-4647CVE-2024-25519CVE-2024-33612
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook