Common Vulnerabilities and Exposures
Home
Get
CVE
About
CVE
News and
Events
Editorial
Board
Advisory
Council
Compatible
Products

CVE Home

CVE-2005-1983

(under review)
Additional information is available from
the National Vulnerability Database
(also sponsored by US-CERT).

This is a candidate for inclusion in the CVE list, which standardizes names for security problems. It must be reviewed and accepted by the CVE Editorial Board before it can be added into CVE. Therefore, this candidate may be modified or even rejected in the future.

Name CVE-2005-1983 (under review)
Status Candidate
Description Stack-based buffer overflow in the Plug and Play (PnP) service for Microsoft Windows 2000 and Windows XP Service Pack 1 allows remote attackers to execute arbitrary code via a crafted packet, and local users to gain privileges via a malicious application, as exploited by the Zotob (aka Mytob) worm.
References
  • MS:MS05-039
  • URL:http://www.microsoft.com/technet/Security/bulletin/ms05-039.mspx
  • ISS:20050809 Windows Plug and Play Remote Compromise
  • URL:http://xforce.iss.net/xforce/alerts/id/202
  • CERT:TA05-221A
  • URL:http://www.us-cert.gov/cas/techalerts/TA05-221A.html
  • CERT-VN:VU#998653
  • URL:http://www.kb.cert.org/vuls/id/998653
  • CIAC:P-266
  • URL:http://www.ciac.org/ciac/bulletins/p-266.shtml
  • MISC:http://www.hsc.fr/ressources/presentations/null_sessions/
  • MISC:http://www.securiteam.com/windowsntfocus/5YP0E00GKW.html
  • MISC:http://www.frsirt.com/english/alerts/20050814.ZotobA.php
  • FULLDISC:20050811 Windows 2000 universal exploit for MS05-039
  • URL:http://archives.neohapsis.com/archives/fulldisclosure/2005-08/0384.html
  • BID:14513
  • URL:http://www.securityfocus.com/bid/14513
  • FRSIRT:ADV-2005-1354
  • URL:http://www.frsirt.com/english/advisories/2005/1354
  • OVAL:OVAL100073
  • URL:http://oval.mitre.org/oval/definitions/data/oval100073.html
  • SECUNIA:16372
  • URL:http://secunia.com/advisories/16372
  • SECTRACK:1014640
  • URL:http://securitytracker.com/id?1014640
  • OSVDB:18605
  • URL:http://www.osvdb.org/18605
  • XF:win-plugandplay-bo(21602)
  • URL:http://xforce.iss.net/xforce/xfdb/21602
Phase Assigned (20050617)
Votes
Comments 







Note: References
are provided for the convenience of the reader to
help distinguish between vulnerabilities.  The list of references is
not intended to be complete.


Candidate assigned on 20050617 and proposed on N/A





Search CVE using keywords: 





You can also search by reference using 
reference maps.




Home to cve.mitre.org



For more information, please contact cve@mitre.org.