Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2005-0051

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2005-0051
Last Modified 10 Sep 2008 03:34:50
Published 02 May 2005 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2005-0051

Summary

The Server service (srvsvc.dll) in Windows XP SP1 and SP2 allows remote attackers to obtain sensitive information (users who are accessing resources) via an anonymous logon using a named pipe, which is not properly authenticated, aka the "Named Pipe Vulnerability."

Vulnerable Systems

Operating System

  • Microsoft Windows Xp


References

CERT - TA05-039A

CERT-VN - VU#939074

MS - MS05-007

XF - win-named-pipe-information-disclosure(19093)

BID - 12486

SECTRACK - 1013112

SECUNIA - 14189


Last Updated: 27 May 2016 10:39:38