ID CVE-2004-0574
Summary The Network News Transfer Protocol (NNTP) component of Microsoft Windows NT Server 4.0, Windows 2000 Server, Windows Server 2003, Exchange 2000 Server, and Exchange Server 2003 allows remote attackers to execute arbitrary code via XPAT patterns, possibly related to improper length validation and an "unchecked buffer," leading to off-by-one and heap-based buffer overflows.
References
Vulnerable Configurations
  • cpe:2.3:a:microsoft:exchange_server:2000:-:*:*:*:*:*:*
    cpe:2.3:a:microsoft:exchange_server:2000:-:*:*:*:*:*:*
  • cpe:2.3:a:microsoft:exchange_server:2003:-:*:*:*:*:*:*
    cpe:2.3:a:microsoft:exchange_server:2003:-:*:*:*:*:*:*
  • cpe:2.3:o:microsoft:windows_2000:-:-:*:*:*:*:*:*
    cpe:2.3:o:microsoft:windows_2000:-:-:*:*:*:*:*:*
  • cpe:2.3:o:microsoft:windows_nt:4.0:*:*:*:server:*:*:*
    cpe:2.3:o:microsoft:windows_nt:4.0:*:*:*:server:*:*:*
  • cpe:2.3:o:microsoft:windows_server_2003:r2:*:*:*:*:*:*:*
    cpe:2.3:o:microsoft:windows_server_2003:r2:*:*:*:*:*:*:*
CVSS
Base: 10.0 (as of 30-04-2019 - 14:27)
Impact:
Exploitability:
CWE CWE-787
CAPEC
Access
VectorComplexityAuthentication
NETWORK LOW NONE
Impact
ConfidentialityIntegrityAvailability
COMPLETE COMPLETE COMPLETE
cvss-vector via4 AV:N/AC:L/Au:N/C:C/I:C/A:C
oval via4
  • accepted 2007-11-13T12:01:09.183-05:00
    class vulnerability
    contributors
    • name Christine Walzer
      organization The MITRE Corporation
    • name Jeff Cheng
      organization Opsware, Inc.
    • name Jeff Cheng
      organization Opsware, Inc.
    description The Network News Transfer Protocol (NNTP) component of Microsoft Windows NT Server 4.0, Windows 2000 Server, Windows Server 2003, Exchange 2000 Server, and Exchange Server 2003 allows remote attackers to execute arbitrary code via XPAT patterns, possibly related to improper length validation and an "unchecked buffer," leading to off-by-one and heap-based buffer overflows.
    family windows
    id oval:org.mitre.oval:def:246
    status accepted
    submitted 2004-10-26T09:17:00.000-04:00
    title Network News Transfer Protocol Buffer Overflow
    version 29
  • accepted 2016-02-19T10:00:00.000-04:00
    class vulnerability
    contributors
    • name Christine Walzer
      organization The MITRE Corporation
    • name Jeff Cheng
      organization Opsware, Inc.
    • name Maria Mikhno
      organization ALTX-SOFT
    description The Network News Transfer Protocol (NNTP) component of Microsoft Windows NT Server 4.0, Windows 2000 Server, Windows Server 2003, Exchange 2000 Server, and Exchange Server 2003 allows remote attackers to execute arbitrary code via XPAT patterns, possibly related to improper length validation and an "unchecked buffer," leading to off-by-one and heap-based buffer overflows.
    family windows
    id oval:org.mitre.oval:def:4392
    status accepted
    submitted 2004-10-14T08:47:00.000-04:00
    title Windows Server 2003 NNTP Component Buffer Overflow
    version 28
  • accepted 2007-11-13T12:01:18.060-05:00
    class vulnerability
    contributors
    • name Christine Walzer
      organization The MITRE Corporation
    • name John Hoyland
      organization Centennial Software
    • name Jeff Cheng
      organization Opsware, Inc.
    description The Network News Transfer Protocol (NNTP) component of Microsoft Windows NT Server 4.0, Windows 2000 Server, Windows Server 2003, Exchange 2000 Server, and Exchange Server 2003 allows remote attackers to execute arbitrary code via XPAT patterns, possibly related to improper length validation and an "unchecked buffer," leading to off-by-one and heap-based buffer overflows.
    family windows
    id oval:org.mitre.oval:def:5021
    status accepted
    submitted 2004-10-13T12:21:00.000-04:00
    title Vulnerability in NNTP Could Allow Remote Code Execution
    version 30
  • accepted 2016-02-19T10:00:00.000-04:00
    class vulnerability
    contributors
    • name Christine Walzer
      organization The MITRE Corporation
    • name Jonathan Baker
      organization The MITRE Corporation
    • name Maria Mikhno
      organization ALTX-SOFT
    definition_extensions
    comment Microsoft Windows NT is installed
    oval oval:org.mitre.oval:def:36
    description The Network News Transfer Protocol (NNTP) component of Microsoft Windows NT Server 4.0, Windows 2000 Server, Windows Server 2003, Exchange 2000 Server, and Exchange Server 2003 allows remote attackers to execute arbitrary code via XPAT patterns, possibly related to improper length validation and an "unchecked buffer," leading to off-by-one and heap-based buffer overflows.
    family windows
    id oval:org.mitre.oval:def:5070
    status accepted
    submitted 2004-10-14T01:15:00.000-04:00
    title Windows NT NNTP Component Buffer Overflow
    version 36
  • accepted 2016-02-19T10:00:00.000-04:00
    class vulnerability
    contributors
    • name Christine Walzer
      organization The MITRE Corporation
    • name John Hoyland
      organization Centennial Software
    • name Shane Shaffer
      organization G2, Inc.
    • name Sudhir Gandhe
      organization Telos
    • name Shane Shaffer
      organization G2, Inc.
    • name Maria Mikhno
      organization ALTX-SOFT
    description The Network News Transfer Protocol (NNTP) component of Microsoft Windows NT Server 4.0, Windows 2000 Server, Windows Server 2003, Exchange 2000 Server, and Exchange Server 2003 allows remote attackers to execute arbitrary code via XPAT patterns, possibly related to improper length validation and an "unchecked buffer," leading to off-by-one and heap-based buffer overflows.
    family windows
    id oval:org.mitre.oval:def:5926
    status accepted
    submitted 2004-10-14T08:58:00.000-04:00
    title Windows 2000 NNTP Component Buffer Overflow
    version 33
refmap via4
bugtraq 20041012 CORE-2004-0802: IIS NNTP Service XPAT Command Vulnerabilities
cert-vn VU#203126
ciac P-012
misc http://www.coresecurity.com/common/showdoc.php?idx=420&idxseccion=10
ms MS04-036
xf
  • win-ms04036-patch(17661)
  • win-nntp-bo(17641)
Last major update 30-04-2019 - 14:27
Published 03-11-2004 - 05:00
Last modified 09-04-2020 - 13:50
Back to Top