CyberSec.Space Logo
返回 CVE 浏览器

CVE-2004-1080

CRITICAL
10.0
CVSS Severity Score
EPSS Score0.1400%
EPSS Percentile29.01th
Published2005年1月10日
Last Modified2026年4月16日

Vulnerability Description

The WINS service (wins.exe) on Microsoft Windows NT Server 4.0, Windows 2000 Server, and Windows Server 2003 allows remote attackers to write to arbitrary memory locations and possibly execute arbitrary code via a modified memory pointer in a WINS replication packet to TCP port 42, aka the "Association Context Vulnerability."

Affected Platforms (CPE)

💻
Microsoft

Windows 2000

All versions
💻
Microsoft

Windows 2000

All versions
💻
Microsoft

Windows 2000

All versions
💻
Microsoft

Windows 2000

All versions
💻
Microsoft

Windows 2000

All versions
💻
Microsoft

Windows 2003 Server

= 2000
💻
Microsoft

Windows 2003 Server

= 2003
💻
Microsoft

Windows 2003 Server

= enterprise
💻
Microsoft

Windows 2003 Server

= enterprise_64-bit
💻
Microsoft

Windows 2003 Server

= r2
💻
Microsoft

Windows 2003 Server

= r2
💻
Microsoft

Windows 2003 Server

= standard
💻
Microsoft

Windows 2003 Server

= web
💻
Microsoft

Windows Nt

= 4.0
💻
Microsoft

Windows Nt

= 4.0
💻
Microsoft

Windows Nt

= 4.0
💻
Microsoft

Windows Nt

= 4.0
💻
Microsoft

Windows Nt

= 4.0
💻
Microsoft

Windows Nt

= 4.0
💻
Microsoft

Windows Nt

= 4.0
💻
Microsoft

Windows Nt

= 4.0
💻
Microsoft

Windows Nt

= 4.0
💻
Microsoft

Windows Nt

= 4.0
💻
Microsoft

Windows Nt

= 4.0
💻
Microsoft

Windows Nt

= 4.0
💻
Microsoft

Windows Nt

= 4.0
💻
Microsoft

Windows Nt

= 4.0
💻
Microsoft

Windows Nt

= 4.0
💻
Microsoft

Windows Nt

= 4.0
💻
Microsoft

Windows Nt

= 4.0
💻
Microsoft

Windows Nt

= 4.0
💻
Microsoft

Windows Nt

= 4.0
💻
Microsoft

Windows Nt

= 4.0
💻
Microsoft

Windows Nt

= 4.0
💻
Microsoft

Windows Nt

= 4.0
💻
Microsoft

Windows Nt

= 4.0
💻
Microsoft

Windows Nt

= 4.0

References & Advisories

🔗 http://marc.info/?l=bugtraq&m=110150370506704&w=2
🔗 http://secunia.com/advisories/13328/
🔗 http://securitytracker.com/id?1012516
🔗 http://support.microsoft.com/kb/890710
🔗 http://www.ciac.org/ciac/bulletins/p-054.shtml
🔗 http://www.immunitysec.com/downloads/instantanea.pdf
🔗 http://www.kb.cert.org/vuls/id/145134
🔗 http://www.osvdb.org/12378

相关漏洞威胁

CVE-2000-103410.0

Buffer overflow in the System Monitor ActiveX control in Windows 2000 allows remote attackers to execute arbitrary commands via a ...

CVE-2000-006110.0

Internet Explorer 5 does not modify the security zone for a document that is being loaded into a window until after the document h...

CVE-2000-022210.0

The installation for Windows 2000 does not activate the Administrator password until the system has rebooted, which allows remote ...

CVE-2000-107110.0

The GUI installation for iCal 2.1 Patch 2 disables access control for the X server using an "xhost +" command, which allows remote...