Public exploit available

Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2004-0120 — Microsoft Windows 2003 Server vulnerability

4 documents4 sources

Severity

5.0MEDIUMNVD

EPSS

83.1%

top 0.74%

CISA KEV

Not in KEV

Exploit

PoC available

Public exploit / PoC exists

Affected products

Microsoft Windows 2003 Server

Timeline

PublishedJun 1

Latest updateApr 29

Description

The Microsoft Secure Sockets Layer (SSL) library, as used in Windows 2000, Windows XP, and Windows Server 2003, allows remote attackers to cause a denial of service via malformed SSL messages.

CVSS vector

AV:N/AC:L/C:N/I:N/A:PExploitability: 10.0 | Impact: 2.9

Affected Packages1 packages

▶NVDmicrosoft/windows_2003_serverr2

Patches

Patch: www.kb.cert.org ↗Patch: www.kb.cert.org ↗

🔴Vulnerability Details

GHSA

GHSA-xhwv-vhh3-q8fm: The Microsoft Secure Sockets Layer (SSL) library, as used in Windows 2000, Windows XP, and Windows Server 2003, allows remote attackers to cause a den↗2022-04-29

▶

CVEList

CVE-2004-0120: The Microsoft Secure Sockets Layer (SSL) library, as used in Windows 2000, Windows XP, and Windows Server 2003, allows remote attackers to cause a den↗2004-04-16

▶

💥Exploits & PoCs

Exploit-DB

Microsoft IIS - SSL Remote Denial of Service (MS04-011)↗2004-04-14

▶