CVE-2005-3945Microsoft Windows 2003 Server vulnerability

3 documents3 sources
Severity
7.8HIGHNVD
EPSS
17.1%
top 5.00%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Microsoft Windows 2003 Server
Timeline
PublishedDec 1
Latest updateMay 1

Description

The SynAttackProtect protection in Microsoft Windows 2003 before SP1 and Windows 2000 before SP4 with Update Roll-up uses a hash of predictable data, which allows remote attackers to cause a denial of service (CPU consumption) via a flood of SYN packets that produce identical hash values, which slows down the hash table lookups.

CVSS vector

AV:N/AC:L/C:N/I:N/A:CExploitability: 10.0 | Impact: 6.9

Affected Packages1 packages

🔴Vulnerability Details

2
GHSA
GHSA-vhpw-jc69-hpmx: The SynAttackProtect protection in Microsoft Windows 2003 before SP1 and Windows 2000 before SP4 with Update Roll-up uses a hash of predictable data,2022-05-01
CVEList
CVE-2005-3945: The SynAttackProtect protection in Microsoft Windows 2003 before SP1 and Windows 2000 before SP4 with Update Roll-up uses a hash of predictable data,2005-12-01
CVE-2005-3945 — Microsoft vulnerability | cvebase