Vulnerabilities > CVE-2005-1984 - Buffer Overflow vulnerability in Microsoft Windows 2000, Windows 2003 Server and Windows XP
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
PARTIAL Availability impact
PARTIAL Summary
Buffer overflow in the Print Spooler service (Spoolsv.exe) for Microsoft Windows 2000, Windows XP, and Windows Server 2003 allows remote attackers to execute arbitrary code via a malicious message.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| OS | 4 |
Nessus
NASL family Windows NASL id SMB_KB896423.NASL description The remote host contains a version of the Print Spooler service that may allow an attacker to execute code on the remote host or crash the spooler service. An attacker can execute code on the remote host with a NULL session against : - Windows 2000 An attacker can crash the remote service with a NULL session against : - Windows 2000 - Windows XP SP1 An attacker needs valid credentials to crash the service against : - Windows 2003 - Windows XP SP2 last seen 2020-06-01 modified 2020-06-02 plugin id 19407 published 2005-08-09 reporter This script is Copyright (C) 2005-2018 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/19407 title MS05-043: Vulnerability in Printer Spooler Service Could Allow Remote Code Execution (896423) (uncredentialed check) NASL family Windows : Microsoft Bulletins NASL id SMB_NT_MS05-043.NASL description The remote host contains a version of the Print Spooler service that is vulnerable to a security flaw that could allow an attacker to execute code on the remote host or crash the spooler service. An attacker can execute code on the remote host with a NULL session against : - Windows 2000 An attacker can crash the remote service with a NULL session against : - Windows 2000 - Windows XP SP1 An attacker needs valid credentials to crash the service against : - Windows 2003 - Windows XP SP2 last seen 2020-06-01 modified 2020-06-02 plugin id 19406 published 2005-08-09 reporter This script is Copyright (C) 2005-2018 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/19406 title MS05-043: Vulnerability in Print Spooler Service Could Allow Remote Code Execution (896423)
Oval
accepted 2011-05-16T04:00:04.818-04:00 class vulnerability contributors name Robert L. Hollis organization ThreatGuard, Inc. name Shane Shaffer organization G2, Inc. name Sudhir Gandhe organization Telos name Shane Shaffer organization G2, Inc.
description Buffer overflow in the Print Spooler service (Spoolsv.exe) for Microsoft Windows 2000, Windows XP, and Windows Server 2003 allows remote attackers to execute arbitrary code via a malicious message. family windows id oval:org.mitre.oval:def:100077 status accepted submitted 2005-08-16T12:00:00.000-04:00 title Windows XP,SP1 Print Spooler Service Buffer Overflow version 68 accepted 2011-05-16T04:00:12.594-04:00 class vulnerability contributors name Matthew Burton organization The MITRE Corporation name Sudhir Gandhe organization Telos name Shane Shaffer organization G2, Inc.
description Buffer overflow in the Print Spooler service (Spoolsv.exe) for Microsoft Windows 2000, Windows XP, and Windows Server 2003 allows remote attackers to execute arbitrary code via a malicious message. family windows id oval:org.mitre.oval:def:1045 status accepted submitted 2005-09-19T04:00:00.000-04:00 title Windows 2000 Print Spooler Service Buffer Overflow version 67 accepted 2011-05-16T04:00:55.008-04:00 class vulnerability contributors name Matthew Burton organization The MITRE Corporation name Shane Shaffer organization G2, Inc. name Sudhir Gandhe organization Telos name Shane Shaffer organization G2, Inc.
description Buffer overflow in the Print Spooler service (Spoolsv.exe) for Microsoft Windows 2000, Windows XP, and Windows Server 2003 allows remote attackers to execute arbitrary code via a malicious message. family windows id oval:org.mitre.oval:def:1405 status accepted submitted 2005-09-19T04:00:00.000-04:00 title Server 2003 Print Spooler Service Buffer Overflow version 69 accepted 2016-02-19T10:00:00.000-04:00 class vulnerability contributors name Robert L. Hollis organization ThreatGuard, Inc. name Robert L. Hollis organization ThreatGuard, Inc. name Dragos Prisaca organization Gideon Technologies, Inc. name Shane Shaffer organization G2, Inc. name Sudhir Gandhe organization Telos name Shane Shaffer organization G2, Inc. name Maria Mikhno organization ALTX-SOFT
description Buffer overflow in the Print Spooler service (Spoolsv.exe) for Microsoft Windows 2000, Windows XP, and Windows Server 2003 allows remote attackers to execute arbitrary code via a malicious message. family windows id oval:org.mitre.oval:def:256 status accepted submitted 2006-09-22T05:40:00.000-04:00 title Windows XP,SP2 Print Spooler Service Buffer Overflow version 71
References
- http://secunia.com/advisories/16356/
- http://securitytracker.com/id?1014638
- http://www.kb.cert.org/vuls/id/220821
- http://www.securityfocus.com/bid/14514
- http://www.us-cert.gov/cas/techalerts/TA05-221A.html
- https://docs.microsoft.com/en-us/security-updates/securitybulletins/2005/ms05-043
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A100077
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1045
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1405
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A256