ID CVE-2005-1985
Summary The Client Service for NetWare (CSNW) on Microsoft Windows 2000 SP4, XP SP1 and Sp2, and Server 2003 SP1 and earlier, allows remote attackers to execute arbitrary code due to an "unchecked buffer" when processing certain crafted network messages.
References
Vulnerable Configurations
  • cpe:2.3:o:microsoft:windows_2000:-:sp4:-:fr
    cpe:2.3:o:microsoft:windows_2000:-:sp4:-:fr
  • cpe:2.3:o:microsoft:windows_2003_server:r2
    cpe:2.3:o:microsoft:windows_2003_server:r2
  • cpe:2.3:o:microsoft:windows_2003_server:sp1
    cpe:2.3:o:microsoft:windows_2003_server:sp1
  • Microsoft windows xp_sp1 tablet_pc
    cpe:2.3:o:microsoft:windows_xp:-:sp1:tablet_pc
  • Microsoft windows xp_sp2 tablet_pc
    cpe:2.3:o:microsoft:windows_xp:-:sp2:tablet_pc
CVSS
Base: 7.5 (as of 14-10-2005 - 11:30)
Impact:
Exploitability:
Access
VectorComplexityAuthentication
NETWORK LOW NONE
Impact
ConfidentialityIntegrityAvailability
PARTIAL PARTIAL PARTIAL
nessus via4
  • NASL family Windows
    NASL id SMB_KB899589.NASL
    description The remote host contains a version of the Client Service for NetWare that is vulnerable to a buffer overflow. An attacker may exploit this flaw by connecting to the NetWare RPC service (possibly over IP) and triggering the overflow by sending a malformed RPC request.
    last seen 2019-02-21
    modified 2018-11-15
    plugin id 20006
    published 2005-10-11
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=20006
    title MS05-046: Vulnerability in the Client Service for NetWare Could Allow Remote Code Execution (899589) (uncredentialed check)
  • NASL family Windows : Microsoft Bulletins
    NASL id SMB_NT_MS05-046.NASL
    description The remote host contains a version of the Client Service for NetWare that is vulnerable to a buffer overflow. An attacker could exploit this flaw by connecting to the NetWare RPC service (possibly over IP) and trigger the overflow by sending a malformed RPC request.
    last seen 2019-02-21
    modified 2018-11-15
    plugin id 19999
    published 2005-10-11
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=19999
    title MS05-046: Vulnerability in the Client Service for NetWare Could Allow Remote Code Execution (899589)
oval via4
  • accepted 2011-05-16T04:00:19.694-04:00
    class vulnerability
    contributors
    • name Robert L. Hollis
      organization ThreatGuard, Inc.
    • name Sudhir Gandhe
      organization Telos
    • name Shane Shaffer
      organization G2, Inc.
    description The Client Service for NetWare (CSNW) on Microsoft Windows 2000 SP4, XP SP1 and Sp2, and Server 2003 SP1 and earlier, allows remote attackers to execute arbitrary code due to an "unchecked buffer" when processing certain crafted network messages.
    family windows
    id oval:org.mitre.oval:def:1106
    status accepted
    submitted 2005-10-12T12:00:00.000-04:00
    title CSNW Remote Buffer Overflow via Network Messages (WinXP,SP1)
    version 67
  • accepted 2011-05-16T04:00:33.573-04:00
    class vulnerability
    contributors
    • name Robert L. Hollis
      organization ThreatGuard, Inc.
    • name Dragos Prisaca
      organization Gideon Technologies, Inc.
    • name Sudhir Gandhe
      organization Telos
    • name Shane Shaffer
      organization G2, Inc.
    description The Client Service for NetWare (CSNW) on Microsoft Windows 2000 SP4, XP SP1 and Sp2, and Server 2003 SP1 and earlier, allows remote attackers to execute arbitrary code due to an "unchecked buffer" when processing certain crafted network messages.
    family windows
    id oval:org.mitre.oval:def:1210
    status accepted
    submitted 2005-10-12T12:00:00.000-04:00
    title CSNW Remote Buffer Overflow via Network Messages (WinXP,SP2)
    version 68
  • accepted 2011-05-16T04:01:15.712-04:00
    class vulnerability
    contributors
    • name Robert L. Hollis
      organization ThreatGuard, Inc.
    • name John Hoyland
      organization Centennial Software
    • name Sudhir Gandhe
      organization Telos
    • name Shane Shaffer
      organization G2, Inc.
    description The Client Service for NetWare (CSNW) on Microsoft Windows 2000 SP4, XP SP1 and Sp2, and Server 2003 SP1 and earlier, allows remote attackers to execute arbitrary code due to an "unchecked buffer" when processing certain crafted network messages.
    family windows
    id oval:org.mitre.oval:def:1536
    status accepted
    submitted 2005-10-12T12:00:00.000-04:00
    title CSNW Remote Buffer Overflow via Network Messages (Win2k,SP4)
    version 67
  • accepted 2011-05-16T04:01:17.285-04:00
    class vulnerability
    contributors
    • name Robert L. Hollis
      organization ThreatGuard, Inc.
    • name Jonathan Baker
      organization The MITRE Corporation
    • name Sudhir Gandhe
      organization Telos
    • name Shane Shaffer
      organization G2, Inc.
    description The Client Service for NetWare (CSNW) on Microsoft Windows 2000 SP4, XP SP1 and Sp2, and Server 2003 SP1 and earlier, allows remote attackers to execute arbitrary code due to an "unchecked buffer" when processing certain crafted network messages.
    family windows
    id oval:org.mitre.oval:def:1544
    status accepted
    submitted 2005-10-12T12:00:00.000-04:00
    title CSNW Remote Buffer Overflow via Network Messages (Server 2003)
    version 67
  • accepted 2011-05-16T04:03:35.840-04:00
    class vulnerability
    contributors
    • name Robert L. Hollis
      organization ThreatGuard, Inc.
    • name Sudhir Gandhe
      organization Telos
    • name Shane Shaffer
      organization G2, Inc.
    description The Client Service for NetWare (CSNW) on Microsoft Windows 2000 SP4, XP SP1 and Sp2, and Server 2003 SP1 and earlier, allows remote attackers to execute arbitrary code due to an "unchecked buffer" when processing certain crafted network messages.
    family windows
    id oval:org.mitre.oval:def:910
    status accepted
    submitted 2005-10-12T12:00:00.000-04:00
    title CSNW Remote Buffer Overflow via Network Messages (Server 2003,SP1)
    version 67
refmap via4
bid 15066
ms MS05-046
osvdb 19922
sectrack 1015041
secunia 17165
xf win-csnw-bo(21700)
Last major update 10-09-2008 - 15:40
Published 13-10-2005 - 06:02
Last modified 12-10-2018 - 17:36
Back to Top