CVE-2005-0050: Input Validation
First published: Mon May 02 2005(Updated: )
The License Logging service for Windows NT Server, Windows 2000 Server, and Windows Server 2003 does not properly validate the length of messages, which leads to an "unchecked buffer" and allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code, aka the "License Logging Service Vulnerability."
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Microsoft Windows NT | =4.0-sp3 | |
| Microsoft Windows 2003 Server | =web | |
| Microsoft Windows 2003 Server | =enterprise | |
| Microsoft Windows 2003 Server | =2003 | |
| Microsoft Windows 2003 Server | =enterprise_64-bit | |
| Microsoft Windows 2000 | ||
| Microsoft Windows NT | =4.0-sp6 | |
| Microsoft Windows NT | =4.0 | |
| Microsoft Windows NT | =4.0-sp1 | |
| Microsoft Windows NT | =4.0-sp3 | |
| Microsoft Windows 2000 | =sp4 | |
| Microsoft Windows NT | =4.0-sp6 | |
| Microsoft Windows NT | =4.0-sp4 | |
| Microsoft Windows 2003 Server | =2000 | |
| Microsoft Windows NT | =4.0-sp5 | |
| Microsoft Windows 2000 | =sp2 | |
| Microsoft Windows NT | =4.0-sp6 | |
| Microsoft Windows NT | =4.0 | |
| Microsoft Windows NT | =4.0-sp4 | |
| Microsoft Windows 2003 Server | =r2 | |
| Microsoft Windows NT | =4.0-sp6a | |
| Microsoft Windows NT | =4.0 | |
| Microsoft Windows NT | =4.0-sp6a | |
| Microsoft Windows NT | =4.0-sp4 | |
| Microsoft Windows NT | =4.0-sp2 | |
| Microsoft Windows NT | =4.0-sp1 | |
| Microsoft Windows 2000 | =sp1 | |
| Microsoft Windows NT | =4.0-sp1 | |
| Microsoft Windows NT | =4.0-sp2 | |
| Microsoft Windows NT | =4.0-sp5 | |
| Microsoft Windows 2003 Server | =standard | |
| Microsoft Windows NT | =4.0-sp6a | |
| Microsoft Windows NT | =4.0-sp3 | |
| Microsoft Windows 2003 Server | =r2 | |
| Microsoft Windows NT | =4.0-sp5 | |
| Microsoft Windows NT | =4.0-sp2 | |
| Microsoft Windows 2000 | =sp3 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://www.us-cert.gov/cas/techalerts/TA05-039A.html
- http://www.kb.cert.org/vuls/id/130433
- https://exchange.xforce.ibmcloud.com/vulnerabilities/19101
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A644
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4786
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A3582
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2568
- https://docs.microsoft.com/en-us/security-updates/securitybulletins/2005/ms05-010
- agent/author
- agent/description
- agent/event
- agent/first-publish-date
- agent/last-modified-date
- agent/references
- agent/remedy
- agent/severity
- agent/softwarecombine
- agent/tags
- agent/type
- agent/weakness
- collector/nvd-historical
- vendor/microsoft
- vendor/windows nt
- vendor/windows 2003 server
- vendor/windows 2000
- collector/nvd-index
- canonical/microsoft windows nt
- version/microsoft windows nt/4.0-sp3
- canonical/microsoft windows 2003 server
- version/microsoft windows 2003 server/web
- version/microsoft windows 2003 server/enterprise
- version/microsoft windows 2003 server/2003
- version/microsoft windows 2003 server/enterprise_64-bit
- canonical/microsoft windows 2000
- version/microsoft windows nt/4.0-sp6
- version/microsoft windows nt/4.0
- version/microsoft windows nt/4.0-sp1
- version/microsoft windows 2000/sp4
- version/microsoft windows nt/4.0-sp4
- version/microsoft windows 2003 server/2000
- version/microsoft windows nt/4.0-sp5
- version/microsoft windows 2000/sp2
- version/microsoft windows 2003 server/r2
- version/microsoft windows nt/4.0-sp6a
- version/microsoft windows nt/4.0-sp2
- version/microsoft windows 2000/sp1
- version/microsoft windows 2003 server/standard
- version/microsoft windows 2000/sp3