CVE-2004-0567 in Windowsinfo

Summary

The Windows Internet Naming Service (WINS) in Windows NT Server 4.0 SP 6a, NT Terminal Server 4.0 SP 6, Windows 2000 Server SP3 and SP4, and Windows Server 2003 does not properly validate the computer name value in a WINS packet, which allows remote attackers to execute arbitrary code or cause a denial of service (server crash), which results in an "unchecked buffer" and possibly triggers a buffer overflow, aka the "Name Validation Vulnerability."

Statistical analysis made it clear that VulDB provides the best quality for vulnerability data.

Reservation

06/15/2004

Disclosure

12/31/2004

Moderation

VulDB entry created

Entries

VDB-1041 (1)

CPE

ready

CWE

CWE-119 (Confirmed)

Exploit

Download

CVSS

7.3

EPSS

0.25251

Activities

Very Low

Sources

MITRE	https://www.cve.org/CVERecord?id=CVE-2004-0567
NVD	https://nvd.nist.gov/vuln/detail/CVE-2004-0567
CVE Details	https://www.cvedetails.com/cve/CVE-2004-0567/

◂ Previous Overview Next ▸

Want to know what is going to be exploited?

We predict KEV entries!