Mission and Overview
NVD is the U.S. government repository of standards based vulnerability management data. This data enables automation of vulnerability management, security measurement, and compliance (e.g. FISMA).
Resource Status
NVD contains:
CVE Vulnerabilities
39671
Checklists
129
US-CERT Alerts
187
US-CERT Vuln Notes
2351
OVAL Queries
2517
CPE Names
17905

Last updated: Sun Nov 22 12:59:28 EST 2009

CVE Publication rate: 9.9

Email List

NVD provides four mailing lists to the public. For information and subscription instructions please visit NVD Mailing Lists

Workload Index

Vulnerability Workload Index: 5.4

About Us
NVD is a product of the NIST Computer Security Division and is sponsored by the Department of Homeland Security's National Cyber Security Division. It supports the U.S. government multi-agency (OSD, DHS, NSA, DISA, and NIST) Information Security Automation Program. It is the U.S. government content repository for the Security Content Automation Protocol (SCAP).

National Cyber-Alert System

Vulnerability Summary for CVE-2005-1983

Original release date:08/10/2005
Last revised:09/10/2008
Source: US-CERT/NIST

Overview

Stack-based buffer overflow in the Plug and Play (PnP) service for Microsoft Windows 2000 and Windows XP Service Pack 1 allows remote attackers to execute arbitrary code via a crafted packet, and local users to gain privileges via a malicious application, as exploited by the Zotob (aka Mytob) worm.

Impact

CVSS Severity (version 2.0):
CVSS v2 Base Score:10.0 (HIGH) (AV:N/AC:L/Au:N/C:C/I:C/A:C) (legend)
Impact Subscore: 10.0
Exploitability Subscore: 10.0
CVSS Version 2 Metrics:
Access Vector: Network exploitable
Access Complexity: Low
Authentication: Not required to exploit
Impact Type:Provides administrator access, Allows complete confidentiality, integrity, and availability violation; Allows unauthorized disclosure of information; Allows disruption of service

References to Advisories, Solutions, and Tools

By selecting these links, you will be leaving NIST webspace. We have provided these links to other web sites because they may have information that would be of interest to you. No inferences should be drawn on account of other sites being referenced, or not, from this page. There may be other web sites that are more appropriate for your purpose. NIST does not necessarily endorse the views expressed, or concur with the facts presented on these sites. Further, NIST does not endorse any commercial products that may be mentioned on these sites. Please address comments about this page to nvd@nist.gov.

US-CERT Technical Alert: TA05-221A
Name: TA05-221A
Type: Patch Information
Hyperlink:http://www.us-cert.gov/cas/techalerts/TA05-221A.html
US-CERT Vulnerability Note: VU#998653
Name: VU#998653
Hyperlink:http://www.kb.cert.org/vuls/id/998653
External Source: MS
Name: MS05-039
Type: Patch Information
Hyperlink:http://www.microsoft.com/technet/Security/bulletin/ms05-039.mspx
External Source: XF
Name: win-plugandplay-bo(21602)
Hyperlink:http://xforce.iss.net/xforce/xfdb/21602
External Source: ISS
Name: 20050809 Windows Plug and Play Remote Compromise
Hyperlink:http://xforce.iss.net/xforce/alerts/id/202
External Source: BID
Name: 14513
Hyperlink:http://www.securityfocus.com/bid/14513
External Source: MISC
Name: http://www.securiteam.com/windowsntfocus/5YP0E00GKW.html
Hyperlink:http://www.securiteam.com/windowsntfocus/5YP0E00GKW.html
External Source: OSVDB
Name: 18605
Hyperlink:http://www.osvdb.org/18605
External Source: MISC
Name: http://www.hsc.fr/ressources/presentations/null_sessions/
Hyperlink:http://www.hsc.fr/ressources/presentations/null_sessions/
External Source: MISC
Name: http://www.frsirt.com/english/alerts/20050814.ZotobA.php
Hyperlink:http://www.frsirt.com/english/alerts/20050814.ZotobA.php
External Source: VUPEN
Name: ADV-2005-1354
Hyperlink:http://www.frsirt.com/english/advisories/2005/1354
External Source: CIAC
Name: P-266
Hyperlink:http://www.ciac.org/ciac/bulletins/p-266.shtml
External Source: SECTRACK
Name: 1014640
Hyperlink:http://securitytracker.com/id?1014640
External Source: SECUNIA
Name: 16372
Hyperlink:http://secunia.com/advisories/16372
External Source: FULLDISC
Name: 20050811 Windows 2000 universal exploit for MS05-039
Hyperlink:http://archives.neohapsis.com/archives/fulldisclosure/2005-08/0384.html
US Government Resource: oval:org.mitre.oval:def:783
Name: oval:org.mitre.oval:def:783
Type: Tool Signature
Hyperlink:http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:783
US Government Resource: oval:org.mitre.oval:def:497
Name: oval:org.mitre.oval:def:497
Type: Tool Signature
Hyperlink:http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:497
US Government Resource: oval:org.mitre.oval:def:474
Name: oval:org.mitre.oval:def:474
Type: Tool Signature
Hyperlink:http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:474
US Government Resource: oval:org.mitre.oval:def:267
Name: oval:org.mitre.oval:def:267
Type: Tool Signature
Hyperlink:http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:267
US Government Resource: oval:org.mitre.oval:def:160
Name: oval:org.mitre.oval:def:160
Type: Tool Signature
Hyperlink:http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:160
US Government Resource: oval:org.mitre.oval:def:100073
Name: oval:org.mitre.oval:def:100073
Type: Tool Signature
Hyperlink:http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:100073

Vulnerable software and versions

Nav control imageConfiguration 1
spacerNav control imageOR
spacerspacerNav control image* cpe:/o:microsoft:windows_2000
spacerspacerNav control image* cpe:/o:microsoft:windows_xp::sp1:tablet_pc
* Denotes Vulnerable Software
* Changes related to vulnerability configurations

Technical Details

Vulnerability Type (View All)
CVE Standard Vulnerability Entry:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-1983