Public exploit available
Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2005-0688 — Microsoft Windows 2003 Server vulnerability

8 documents5 sources
Severity
5.0MEDIUMNVD
EPSS
80.8%
top 0.85%
CISA KEV
Not in KEV
Exploit
PoC available
Public exploit / PoC exists
Affected products
1
Microsoft Windows 2003 Server
Timeline
PublishedMar 5
Latest updateMay 1

Description

Windows Server 2003 and XP SP2, with Windows Firewall turned off, allows remote attackers to cause a denial of service (CPU consumption) via a TCP packet with the SYN flag set and the same destination and source address and port, aka a reoccurrence of the "Land" vulnerability (CVE-1999-0016).

CVSS vector

AV:N/AC:L/C:N/I:N/A:PExploitability: 10.0 | Impact: 2.9

Affected Packages1 packages

🔴Vulnerability Details

2
GHSA
GHSA-4r46-5w3g-fqfc: Windows Server 2003 and XP SP2, with Windows Firewall turned off, allows remote attackers to cause a denial of service (CPU consumption) via a TCP pac↗2022-05-01
â–¶
CVEList
CVE-2005-0688: Windows Server 2003 and XP SP2, with Windows Firewall turned off, allows remote attackers to cause a denial of service (CPU consumption) via a TCP pac↗2005-03-08
â–¶

💥Exploits & PoCs

2
Exploit-DB
Microsoft Windows - Malformed IP Options Denial of Service (MS05-019)↗2005-04-17
â–¶
Exploit-DB
Microsoft Windows XP/2003 - Remote Denial of Service↗2005-03-07
â–¶

💬Community

2
Bugzilla
CVE-2004-0687 openmotif21 stack overflows in libxpm↗2008-01-28
â–¶
Bugzilla
CVE-2004-0688 openmotif21 stack overflows in libxpm↗2008-01-28
â–¶
CVE-2005-0688 — Microsoft vulnerability | cvebase