CVE-2005-2120
CVE-2005-2120
Stack-based buffer overflow in the Plug and Play (PnP) service (UMPNPMGR.DLL) in Microsoft Windows 2000 SP4, and XP SP1 and SP2, allows remote or local authenticated attackers to execute arbitrary code via a large number of "\" (backslash) characters in a registry key name, which triggers the overflow in a wsprintfW function call.
Productos afectados
n/a · n/aPoCs públicas encontradas — 2
exploitdbwww.exploit-db.com/exploits/1269no verificadoexploitdbwww.exploit-db.com/exploits/1271no verificado⚠ Recursos públicos, para evaluar la exposición de sistemas que controlas o estás autorizado a probar. Prueba solo con autorización.
¿Quieres saber si tu infraestructura está expuesta a esto?
Hablar con TrueHacking →Referencias
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2005/ms05-047http://secunia.com/advisories/17166http://secunia.com/advisories/17172http://secunia.com/advisories/17223http://securityreason.com/securityalert/71http://securitytracker.com/id?1015042https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1244https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1328https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1519http://support.avaya.com/elmodocs2/security/ASA-2005-214.pdfhttp://www.eeye.com/html/research/advisories/AD20051011c.htmlhttp://www.kb.cert.org/vuls/id/214572