CVE-2005-2120

Related Files

Microsoft Plug and Play Service Registry Overflow

Posted Aug 31, 2024

Authored by Jay Turla | Site metasploit.com

This Metasploit module triggers a stack buffer overflow in the Windows Plug and Play service. This vulnerability can be exploited on Windows 2000 without a valid user account. Since the PnP service runs inside the service.exe process, this module will result in a forced reboot on Windows 2000. Obtaining code execution is possible if user-controlled memory can be placed at 0x00000030, 0x0030005C, or 0x005C005C.

tags | exploit, overflow, code execution

systems | windows, 2k

advisories | CVE-2005-2120

SHA-256 | 9bc6ba9961573354e40fc662a60198fb90e56bf774046538a7471d9b24ca450d

Download | Favorite | View

20051021.MS05-047.c

Posted Nov 4, 2005

Remote exploit that makes use of a buffer length checking issue in the Microsoft UMPNPMGR PNP_GetDeviceList (services.exe - ms05-047).

tags | exploit, remote

advisories | CVE-2005-2120

SHA-256 | 345a0d8ab4a6509f06d6a75f4f2eae744f2bf4df914b5e46c61fd00ce658368c

Download | Favorite | View

Technical Cyber Security Alert 2005-284A

Posted Oct 12, 2005

Authored by US-CERT | Site cert.org

Microsoft has released updates that address critical vulnerabilities in Windows, Internet Explorer, and Exchange Server. Exploitation of these vulnerabilities could allow a remote, unauthenticated attacker to execute arbitrary code or cause a denial of service on an affected system.

tags | advisory, remote, denial of service, arbitrary, vulnerability

systems | windows

advisories | CVE-2005-2120, CVE-2005-1987, CVE-2005-2122, CVE-2005-2128, CVE-2005-2119, CVE-2005-1978, CVE-2005-2127, CVE-2005-0163

SHA-256 | 6c799cf41e6747d9adaea42ead6b8b60f863722c7e7357b362b6afe1010ce3c0

Download | Favorite | View