ID CVE-2005-1983
Summary Stack-based buffer overflow in the Plug and Play (PnP) service for Microsoft Windows 2000 and Windows XP Service Pack 1 allows remote attackers to execute arbitrary code via a crafted packet, and local users to gain privileges via a malicious application, as exploited by the Zotob (aka Mytob) worm.
References
Vulnerable Configurations
  • Microsoft Windows 2000
    cpe:2.3:o:microsoft:windows_2000
  • Microsoft windows xp_sp1 tablet_pc
    cpe:2.3:o:microsoft:windows_xp:-:sp1:tablet_pc
CVSS
Base: 10.0 (as of 10-08-2005 - 07:51)
Impact:
Exploitability:
Access
VectorComplexityAuthentication
NETWORK LOW NONE
Impact
ConfidentialityIntegrityAvailability
COMPLETE COMPLETE COMPLETE
exploit-db via4
  • description MS Windows Plug-and-Play Service Remote Universal Exploit (MS05-039). CVE-2005-1983. Remote exploit for windows platform
    id EDB-ID:1149
    last seen 2016-01-31
    modified 2005-08-12
    published 2005-08-12
    reporter houseofdabus
    source https://www.exploit-db.com/download/1149/
    title Microsoft Windows Plug-and-Play Service - Remote Universal Exploit MS05-039
  • description MS Windows Plug-and-Play Service Remote Overflow (MS05-039). CVE-2005-1983. Remote exploit for windows platform
    id EDB-ID:1146
    last seen 2016-01-31
    modified 2005-08-11
    published 2005-08-11
    reporter sl0ppy
    source https://www.exploit-db.com/download/1146/
    title Microsoft Windows Plug-and-Play Service Remote Overflow MS05-039
  • description MS Windows Plug-and-Play Service Remote Universal Exploit (spanish fix). CVE-2005-1983. Remote exploit for windows platform
    id EDB-ID:1179
    last seen 2016-01-31
    modified 2005-08-25
    published 2005-08-25
    reporter RoMaNSoFt
    source https://www.exploit-db.com/download/1179/
    title Microsoft Windows Plug-and-Play Service Remote Universal Exploit spanish fix
  • description Microsoft Plug and Play Service Overflow. CVE-2005-1983. Dos exploit for windows platform
    id EDB-ID:16365
    last seen 2016-02-01
    modified 2010-08-30
    published 2010-08-30
    reporter metasploit
    source https://www.exploit-db.com/download/16365/
    title Microsoft Plug and Play Service Overflow
metasploit via4
description This module exploits a stack buffer overflow in the Windows Plug and Play service. This vulnerability can be exploited on Windows 2000 without a valid user account. NOTE: Since the PnP service runs inside the service.exe process, a failed exploit attempt will cause the system to automatically reboot.
id MSF:EXPLOIT/WINDOWS/SMB/MS05_039_PNP
last seen 2019-03-22
modified 2017-07-24
published 2006-07-31
reliability Good
reporter Rapid7
source https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/smb/ms05_039_pnp.rb
title MS05-039 Microsoft Plug and Play Service Overflow
nessus via4
  • NASL family Windows : Microsoft Bulletins
    NASL id SMB_NT_MS05-039.NASL
    description The remote version of Windows contains a flaw in the function PNP_QueryResConfList() in the Plug and Play service that could allow an attacker to execute arbitrary code on the remote host with the SYSTEM privileges. A series of worms (Zotob) are known to exploit this vulnerability in the wild.
    last seen 2019-02-21
    modified 2018-11-15
    plugin id 19402
    published 2005-08-09
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=19402
    title MS05-039: Vulnerability in Plug and Play Could Allow Remote Code Execution and Elevation of Privilege (899588)
  • NASL family Windows
    NASL id SMB_KB899588.NASL
    description The remote version of Windows contains a flaw in the function 'PNP_QueryResConfList()' in the Plug and Play service that may allow an attacker to execute arbitrary code on the remote host with SYSTEM privileges. A series of worms (Zotob) are known to exploit this vulnerability in the wild.
    last seen 2019-02-21
    modified 2018-11-15
    plugin id 19408
    published 2005-08-09
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=19408
    title MS05-039: Vulnerability in Plug and Play Service Could Allow Remote Code Execution (899588) (uncredentialed check)
oval via4
  • accepted 2011-05-09T04:00:02.722-04:00
    class vulnerability
    contributors
    • name Robert L. Hollis
      organization ThreatGuard, Inc.
    • name Shane Shaffer
      organization G2, Inc.
    description Stack-based buffer overflow in the Plug and Play (PnP) service for Microsoft Windows 2000 and Windows XP Service Pack 1 allows remote attackers to execute arbitrary code via a crafted packet, and local users to gain privileges via a malicious application, as exploited by the Zotob (aka Mytob) worm.
    family windows
    id oval:org.mitre.oval:def:100073
    status accepted
    submitted 2005-08-16T12:00:00.000-04:00
    title Windows XP (64-bit) PnP Buffer Overflow
    version 66
  • accepted 2016-02-19T10:00:00.000-04:00
    class vulnerability
    contributors
    • name Robert L. Hollis
      organization ThreatGuard, Inc.
    • name Shane Shaffer
      organization G2, Inc.
    • name Sudhir Gandhe
      organization Telos
    • name Shane Shaffer
      organization G2, Inc.
    • name Maria Mikhno
      organization ALTX-SOFT
    description Stack-based buffer overflow in the Plug and Play (PnP) service for Microsoft Windows 2000 and Windows XP Service Pack 1 allows remote attackers to execute arbitrary code via a crafted packet, and local users to gain privileges via a malicious application, as exploited by the Zotob (aka Mytob) worm.
    family windows
    id oval:org.mitre.oval:def:160
    status accepted
    submitted 2006-09-22T05:40:00.000-04:00
    title Windows Server 2003 Plug and Play Buffer Overflow Vulnerability
    version 68
  • accepted 2016-02-19T10:00:00.000-04:00
    class vulnerability
    contributors
    • name Robert L. Hollis
      organization ThreatGuard, Inc.
    • name Shane Shaffer
      organization G2, Inc.
    • name Sudhir Gandhe
      organization Telos
    • name Shane Shaffer
      organization G2, Inc.
    • name Maria Mikhno
      organization ALTX-SOFT
    description Stack-based buffer overflow in the Plug and Play (PnP) service for Microsoft Windows 2000 and Windows XP Service Pack 1 allows remote attackers to execute arbitrary code via a crafted packet, and local users to gain privileges via a malicious application, as exploited by the Zotob (aka Mytob) worm.
    family windows
    id oval:org.mitre.oval:def:267
    status accepted
    submitted 2006-09-22T05:40:00.000-04:00
    title Windows XP Plug and Play Buffer Overflow Vulnerability
    version 69
  • accepted 2016-02-19T10:00:00.000-04:00
    class vulnerability
    contributors
    • name Robert L. Hollis
      organization ThreatGuard, Inc.
    • name Shane Shaffer
      organization G2, Inc.
    • name Maria Mikhno
      organization ALTX-SOFT
    description allows remote attackers to execute arbitrary code via a crafted packet, and local users to gain privileges via a malicious application, as exploited by the Zotob (aka Mytob) worm.
    family windows
    id oval:org.mitre.oval:def:474
    status accepted
    submitted 2006-09-22T05:40:00.000-04:00
    title Windows 2000 Plug and Play Buffer Overflow Vulnerability
    version 66
  • accepted 2016-02-19T10:00:00.000-04:00
    class vulnerability
    contributors
    • name Robert L. Hollis
      organization ThreatGuard, Inc.
    • name Robert L. Hollis
      organization ThreatGuard, Inc.
    • name Dragos Prisaca
      organization Gideon Technologies, Inc.
    • name Shane Shaffer
      organization G2, Inc.
    • name Sudhir Gandhe
      organization Telos
    • name Shane Shaffer
      organization G2, Inc.
    • name Maria Mikhno
      organization ALTX-SOFT
    description Stack-based buffer overflow in the Plug and Play (PnP) service for Microsoft Windows 2000 and Windows XP Service Pack 1 allows remote attackers to execute arbitrary code via a crafted packet, and local users to gain privileges via a malicious application, as exploited by the Zotob (aka Mytob) worm.
    family windows
    id oval:org.mitre.oval:def:497
    status accepted
    submitted 2006-09-22T05:40:00.000-04:00
    title Windows XP,SP2 Plug and Play Buffer Overflow Vulnerability
    version 71
  • accepted 2016-02-19T10:00:00.000-04:00
    class vulnerability
    contributors
    • name Robert L. Hollis
      organization ThreatGuard, Inc.
    • name Jonathan Baker
      organization The MITRE Corporation
    • name Shane Shaffer
      organization G2, Inc.
    • name Sudhir Gandhe
      organization Telos
    • name Shane Shaffer
      organization G2, Inc.
    • name Maria Mikhno
      organization ALTX-SOFT
    description Stack-based buffer overflow in the Plug and Play (PnP) service for Microsoft Windows 2000 and Windows XP Service Pack 1 allows remote attackers to execute arbitrary code via a crafted packet, and local users to gain privileges via a malicious application, as exploited by the Zotob (aka Mytob) worm.
    family windows
    id oval:org.mitre.oval:def:783
    status accepted
    submitted 2006-09-22T05:40:00.000-04:00
    title Windows Server 2003 Plug and Play Buffer Overflow Vulnerability
    version 70
packetstorm via4
data source https://packetstormsecurity.com/files/download/83078/ms05_039_pnp.rb.txt
id PACKETSTORM:83078
last seen 2016-12-05
published 2009-11-26
reporter H D Moore
source https://packetstormsecurity.com/files/83078/Microsoft-Plug-and-Play-Service-Overflow.html
title Microsoft Plug and Play Service Overflow
refmap via4
bid 14513
cert TA05-221A
cert-vn VU#998653
ciac P-266
fulldisc 20050811 Windows 2000 universal exploit for MS05-039
iss 20050809 Windows Plug and Play Remote Compromise
misc
ms MS05-039
osvdb 18605
sectrack 1014640
secunia 16372
vupen ADV-2005-1354
xf win-plugandplay-bo(21602)
saint via4
bid 14513
description Windows Plug and Play buffer overflow
id win_patch_plugplay
osvdb 18605
title windows_plug_play
type remote
Last major update 07-03-2011 - 21:23
Published 10-08-2005 - 00:00
Last modified 12-10-2018 - 17:36
Back to Top