Public exploit available

Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2005-1980 — Microsoft Windows 2003 Server vulnerability

4 documents4 sources

Severity

5.0MEDIUMNVD

EPSS

69.8%

top 1.33%

CISA KEV

Not in KEV

Exploit

PoC available

Public exploit / PoC exists

Affected products

Microsoft Windows 2003 Server

Timeline

PublishedOct 12

Latest updateMay 1

Description

Distributed Transaction Controller in Microsoft Windows allows remote servers to cause a denial of service (MSDTC service hang) via a crafted Transaction Internet Protocol (TIP) message that causes DTC to repeatedly connect to a target IP and port number after an error occurs, aka the "Distributed TIP Vulnerability."

CVSS vector

AV:N/AC:L/C:N/I:N/A:PExploitability: 10.0 | Impact: 2.9

Affected Packages1 packages

▶NVDmicrosoft/windows_2003_server4 versions+3

🔴Vulnerability Details

GHSA

GHSA-7rfv-x23q-gmxq: Distributed Transaction Controller in Microsoft Windows allows remote servers to cause a denial of service (MSDTC service hang) via a crafted Transact↗2022-05-01

▶

CVEList

CVE-2005-1980: Distributed Transaction Controller in Microsoft Windows allows remote servers to cause a denial of service (MSDTC service hang) via a crafted Transact↗2005-10-11

▶

💥Exploits & PoCs

Exploit-DB

Microsoft Windows - DTC Remote (MS05-051) (2)↗2005-12-01

▶