Public exploit available

Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2004-0567

5 documents4 sources

Severity

7.5HIGH

EPSS

25.3%

top 3.81%

CISA KEV

Not in KEV

Exploit

PoC available

Public exploit / PoC exists

Affected products

Microsoft Windows 2003 Server Microsoft Windows NT

Timeline

PublishedDec 31

Latest updateApr 29

Description

The Windows Internet Naming Service (WINS) in Windows NT Server 4.0 SP 6a, NT Terminal Server 4.0 SP 6, Windows 2000 Server SP3 and SP4, and Windows Server 2003 does not properly validate the computer name value in a WINS packet, which allows remote attackers to execute arbitrary code or cause a denial of service (server crash), which results in an "unchecked buffer" and possibly triggers a buffer overflow, aka the "Name Validation Vulnerability."

CVSS vector

AV:N/AC:L/C:P/I:P/A:PExploitability: 10.0 | Impact: 6.4

Affected Packages2 packages

▶NVDmicrosoft/windows_2003_server64-bit, r2+1

▶NVDmicrosoft/windows_nt4.0

Patches

Patch: www.ciac.org ↗Patch: www.kb.cert.org ↗Patch: www.ciac.org ↗

🔴Vulnerability Details

GHSA

GHSA-qfjv-m3mh-pmwp: The Windows Internet Naming Service (WINS) in Windows NT Server 4↗2022-04-29

▶

CVEList

CVE-2004-0567: The Windows Internet Naming Service (WINS) in Windows NT Server 4↗2004-12-31

▶

💥Exploits & PoCs

Exploit-DB

Microsoft Windows Server 2000 - WINS Remote Code Execution↗2004-12-31

▶

Exploit-DB

PSOProxy 0.91 - Remote Buffer Overflow (1)↗2004-02-20

▶