ID CVE-2005-0688
Summary Windows Server 2003 and XP SP2, with Windows Firewall turned off, allows remote attackers to cause a denial of service (CPU consumption) via a TCP packet with the SYN flag set and the same destination and source address and port, aka a reoccurrence of the "Land" vulnerability (CVE-1999-0016).
References
Vulnerable Configurations
  • cpe:2.3:o:microsoft:windows_2003_server:r2
    cpe:2.3:o:microsoft:windows_2003_server:r2
  • Microsoft windows xp_sp2 tablet_pc
    cpe:2.3:o:microsoft:windows_xp:-:sp2:tablet_pc
CVSS
Base: 5.0 (as of 09-06-2005 - 17:25)
Impact:
Exploitability:
Access
VectorComplexityAuthentication
NETWORK LOW NONE
Impact
ConfidentialityIntegrityAvailability
NONE NONE PARTIAL
exploit-db via4
  • description MS Windows XP/2003 Remote Denial of Service Exploit. CVE-2005-0688,CVE-2005-1649. Dos exploit for windows platform
    id EDB-ID:861
    last seen 2016-01-31
    modified 2005-03-07
    published 2005-03-07
    reporter RusH
    source https://www.exploit-db.com/download/861/
    title Microsoft Windows 2003/XP - Remote Denial of Service Exploit
  • description MS Windows Malformed IP Options DoS Exploit (MS05-019). CVE-2004-0230,CVE-2004-0790,CVE-2004-1060,CVE-2005-0048,CVE-2005-0688. Dos exploit for windows platform
    id EDB-ID:942
    last seen 2016-01-31
    modified 2005-04-17
    published 2005-04-17
    reporter Yuri Gushin
    source https://www.exploit-db.com/download/942/
    title Microsoft Windows - Malformed IP Options DoS Exploit MS05-019
nessus via4
  • NASL family Windows
    NASL id SMB_KB893066.NASL
    description The remote host runs a version of Windows that has a flaw in its TCP/IP stack. The flaw may allow an attacker to execute arbitrary code with SYSTEM privileges on the remote host or to perform a denial of service attack against the remote host. Proof of concept code is available to perform a denial of service attack against a vulnerable system.
    last seen 2019-02-21
    modified 2018-11-15
    plugin id 18028
    published 2005-04-12
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=18028
    title MS05-019: Vulnerabilities in TCP/IP Could Allow Remote Code Execution (893066) (uncredentialed check)
  • NASL family Windows : Microsoft Bulletins
    NASL id SMB_NT_MS06-064.NASL
    description The remote host runs a version of Windows that has a flaw in its TCP/IP IPv6 stack. The flaw could allow an attacker to perform a denial of service attack against the remote host. To exploit this vulnerability, an attacker needs to send a specially crafted ICMP or TCP packet to the remote host.
    last seen 2019-02-21
    modified 2018-11-15
    plugin id 22537
    published 2006-10-10
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=22537
    title MS06-064: Vulnerability in TCP/IP IPv6 Could Allow Denial of Service (922819)
  • NASL family Windows : Microsoft Bulletins
    NASL id SMB_NT_MS05-019.NASL
    description The remote host runs a version of Windows that has a flaw in its TCP/IP stack. The flaw could allow an attacker to execute arbitrary code with SYSTEM privileges on the remote host, or to perform a denial of service attack against the remote host. Proof of concept code is available to perform a Denial of Service against a vulnerable system.
    last seen 2019-02-21
    modified 2018-11-15
    plugin id 18023
    published 2005-04-12
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=18023
    title MS05-019: Vulnerabilities in TCP/IP Could Allow Remote Code Execution (893066)
oval via4
  • accepted 2011-05-16T04:00:46.822-04:00
    class vulnerability
    contributors
    • name Matthew Burton
      organization The MITRE Corporation
    • name John Hoyland
      organization Centennial Software
    • name Sudhir Gandhe
      organization Telos
    • name Shane Shaffer
      organization G2, Inc.
    description Windows Server 2003 and XP SP2, with Windows Firewall turned off, allows remote attackers to cause a denial of service (CPU consumption) via a TCP packet with the SYN flag set and the same destination and source address and port, aka a reoccurrence of the "Land" vulnerability (CVE-1999-0016).
    family windows
    id oval:org.mitre.oval:def:1288
    status accepted
    submitted 2005-04-22T12:00:00.000-04:00
    title Win2k Land Vulnerability
    version 36
  • accepted 2011-05-16T04:01:35.481-04:00
    class vulnerability
    contributors
    • name Matthew Burton
      organization The MITRE Corporation
    • name John Hoyland
      organization Centennial Software
    • name Dragos Prisaca
      organization Gideon Technologies, Inc.
    • name Brendan Miles
      organization The MITRE Corporation
    • name Sudhir Gandhe
      organization Telos
    • name Shane Shaffer
      organization G2, Inc.
    description Windows Server 2003 and XP SP2, with Windows Firewall turned off, allows remote attackers to cause a denial of service (CPU consumption) via a TCP packet with the SYN flag set and the same destination and source address and port, aka a reoccurrence of the "Land" vulnerability (CVE-1999-0016).
    family windows
    id oval:org.mitre.oval:def:1685
    status accepted
    submitted 2005-08-18T04:00:00.000-04:00
    title WinXP Land Vulnerability
    version 39
  • accepted 2011-05-09T04:01:35.065-04:00
    class vulnerability
    contributors
    • name Robert L. Hollis
      organization ThreatGuard, Inc.
    • name Shane Shaffer
      organization G2, Inc.
    definition_extensions
    • comment Microsoft Windows XP SP1 (32-bit) is installed
      oval oval:org.mitre.oval:def:1
    • comment Microsoft Windows XP SP2 or later is installed
      oval oval:org.mitre.oval:def:521
    • comment Microsoft Windows XP SP1 (64-bit) is installed
      oval oval:org.mitre.oval:def:480
    • comment Microsoft Windows Server 2003 (x86) Gold is installed
      oval oval:org.mitre.oval:def:165
    • comment Microsoft Windows Server 2003 SP1 (x86) is installed
      oval oval:org.mitre.oval:def:565
    description Windows Server 2003 and XP SP2, with Windows Firewall turned off, allows remote attackers to cause a denial of service (CPU consumption) via a TCP packet with the SYN flag set and the same destination and source address and port, aka a reoccurrence of the "Land" vulnerability (CVE-1999-0016).
    family windows
    id oval:org.mitre.oval:def:482
    status accepted
    submitted 2006-10-11T05:29:41
    title Spoofed Connection Request Vulnerability
    version 39
  • accepted 2013-09-02T04:05:46.786-04:00
    class vulnerability
    contributors
    • name Matthew Burton
      organization The MITRE Corporation
    • name John Hoyland
      organization Centennial Software
    • name Sudhir Gandhe
      organization Telos
    • name Shane Shaffer
      organization G2, Inc.
    • name Dragos Prisaca
      organization G2, Inc.
    description Windows Server 2003 and XP SP2, with Windows Firewall turned off, allows remote attackers to cause a denial of service (CPU consumption) via a TCP packet with the SYN flag set and the same destination and source address and port, aka a reoccurrence of the "Land" vulnerability (CVE-1999-0016).
    family windows
    id oval:org.mitre.oval:def:4978
    status accepted
    submitted 2005-08-18T04:00:00.000-04:00
    title Server 2003 Object Management Vulnerability
    version 38
refmap via4
bugtraq 20050305 Windows Server 2003 and XP SP2 LAND attack vulnerability
hp
  • HPSBST02161
  • SSRT061264
ms
  • MS05-019
  • MS06-064
secunia 22341
vupen ADV-2006-3983
Last major update 17-10-2016 - 23:13
Published 05-03-2005 - 00:00
Last modified 19-10-2018 - 11:31
Back to Top