CVE-2005-3945

Published Dec 1, 2005

Last updated 6 years ago

Overview

Description: The SynAttackProtect protection in Microsoft Windows 2003 before SP1 and Windows 2000 before SP4 with Update Roll-up uses a hash of predictable data, which allows remote attackers to cause a denial of service (CPU consumption) via a flood of SYN packets that produce identical hash values, which slows down the hash table lookups.
Source: cve@mitre.org
NVD status: Modified

Hype score: Not currently trending

Risk scores

CVSS 2.0

Type: Primary
Base score: 7.8
Impact score: 6.9
Exploitability score: 10
Vector string: AV:N/AC:L/Au:N/C:N/I:N/A:C

Weaknesses

nvd@nist.gov: NVD-CWE-Other

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:microsoft:windows_2000:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "4E545C63-FE9C-4CA1-AF0F-D999D84D2AFD"
          },
          {
            "criteria": "cpe:2.3:o:microsoft:windows_2000:*:sp1:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "294EBA01-147B-4DA0-937E-ACBB655EDE53"
          },
          {
            "criteria": "cpe:2.3:o:microsoft:windows_2000:*:sp2:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "4E8B7346-F2AA-434C-A048-7463EC1BB117"
          },
          {
            "criteria": "cpe:2.3:o:microsoft:windows_2000:*:sp3:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "BE1A6107-DE00-4A1C-87FC-9E4015165B5B"
          },
          {
            "criteria": "cpe:2.3:o:microsoft:windows_2000:*:sp4:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "83E7C4A0-78CF-4B56-82BF-EC932BDD8ADF"
          },
          {
            "criteria": "cpe:2.3:o:microsoft:windows_2003_server:enterprise:*:64-bit:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E69D0E21-8C62-403E-8097-2CA403CBBB1B"
          },
          {
            "criteria": "cpe:2.3:o:microsoft:windows_2003_server:r2:*:64-bit:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "5D42E51C-740A-4441-8BAF-D073111B984C"
          },
          {
            "criteria": "cpe:2.3:o:microsoft:windows_2003_server:standard:*:64-bit:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "74AD256D-4BCE-41FB-AD73-C5C63A59A06D"
          },
          {
            "criteria": "cpe:2.3:o:microsoft:windows_2003_server:web:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B518E945-5FDE-4A37-878D-6946653C91F7"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

Overview

Social media

Risk scores

CVSS 2.0

Weaknesses

Configurations

References