CVE-2005-1979

Distributed Transaction Controller in Microsoft Windows allows remote servers to cause a denial of service (MSDTC service exception and exit) via an "unexpected protocol command during the reconnection request," which is not properly handled by the Transaction Internet Protocol (TIP) functionality.

CVSS v2.0 5.0 MEDIUM

5.0^/10

CVSS v2.0 : MEDIUM

V2 Legend

Vector : AV:N/AC:L/Au:N/C:N/I:N/A:P

Exploitability : 10.0 / Impact : 2.9

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact PARTIAL

References

Link	Resource
http://www.idefense.com/application/poi/display?id=320&type=vulnerabilities	Vendor Advisory
http://www.securityfocus.com/bid/15058
http://securitytracker.com/id?1015037
http://secunia.com/advisories/17161
http://support.avaya.com/elmodocs2/security/ASA-2005-214.pdf
http://secunia.com/advisories/17172
http://secunia.com/advisories/17223
http://secunia.com/advisories/17509
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A686
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1550
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1513
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1338
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1283
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1134
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2005/ms05-051

Configurations

Configuration 1 (hide)

OR	cpe:2.3:o:microsoft:windows_2003_server:r2:::::::*
	cpe:2.3:o:microsoft:windows_2003_server:sp1:::::::*
	cpe:2.3:o:microsoft:windows_2000::sp4::fr::::
	cpe:2.3:o:microsoft:windows_2003_server:64-bit:::::::*
	cpe:2.3:o:microsoft:windows_2003_server:itanium:::::::*
	cpe:2.3:o:microsoft:windows_2003_server:sp1::itanium:::::
	cpe:2.3:o:microsoft:windows_xp:::64-bit:::::*
	cpe:2.3:o:microsoft:windows_xp::sp1:tablet_pc:::::
	cpe:2.3:o:microsoft:windows_xp::sp2:tablet_pc:::::

Information

Published : 2005-10-12 06:04

Updated : 2018-10-12 14:36

NVD link : CVE-2005-1979

Mitre link : CVE-2005-1979

JSON object : View

CWE

NVD-CWE-Other

Products Affected

microsoft

windows_xp
windows_2003_server
windows_2000

{"cve": {"data_type": "CVE", "references": {"reference_data": [{"url": "http://www.idefense.com/application/poi/display?id=320&type=vulnerabilities", "name": "20051011 Microsoft Distributed Transaction Controller TIP DoS Vulnerability", "tags": ["Vendor Advisory"], "refsource": "IDEFENSE"}, {"url": "http://www.securityfocus.com/bid/15058", "name": "15058", "tags": [], "refsource": "BID"}, {"url": "http://securitytracker.com/id?1015037", "name": "1015037", "tags": [], "refsource": "SECTRACK"}, {"url": "http://secunia.com/advisories/17161", "name": "17161", "tags": [], "refsource": "SECUNIA"}, {"url": "http://support.avaya.com/elmodocs2/security/ASA-2005-214.pdf", "name": "http://support.avaya.com/elmodocs2/security/ASA-2005-214.pdf", "tags": [], "refsource": "CONFIRM"}, {"url": "http://secunia.com/advisories/17172", "name": "17172", "tags": [], "refsource": "SECUNIA"}, {"url": "http://secunia.com/advisories/17223", "name": "17223", "tags": [], "refsource": "SECUNIA"}, {"url": "http://secunia.com/advisories/17509", "name": "17509", "tags": [], "refsource": "SECUNIA"}, {"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A686", "name": "oval:org.mitre.oval:def:686", "tags": [], "refsource": "OVAL"}, {"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1550", "name": "oval:org.mitre.oval:def:1550", "tags": [], "refsource": "OVAL"}, {"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1513", "name": "oval:org.mitre.oval:def:1513", "tags": [], "refsource": "OVAL"}, {"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1338", "name": "oval:org.mitre.oval:def:1338", "tags": [], "refsource": "OVAL"}, {"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1283", "name": "oval:org.mitre.oval:def:1283", "tags": [], "refsource": "OVAL"}, {"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1134", "name": "oval:org.mitre.oval:def:1134", "tags": [], "refsource": "OVAL"}, {"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2005/ms05-051", "name": "MS05-051", "tags": [], "refsource": "MS"}]}, "data_format": "MITRE", "description": {"description_data": [{"lang": "en", "value": "Distributed Transaction Controller in Microsoft Windows allows remote servers to cause a denial of service (MSDTC service exception and exit) via an \"unexpected protocol command during the reconnection request,\" which is not properly handled by the Transaction Internet Protocol (TIP) functionality."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "en", "value": "NVD-CWE-Other"}]}]}, "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2005-1979", "ASSIGNER": "secure@microsoft.com"}}, "impact": {"baseMetricV2": {"cvssV2": {"version": "2.0", "baseScore": 5.0, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "authentication": "NONE", "integrityImpact": "NONE", "accessComplexity": "LOW", "availabilityImpact": "PARTIAL", "confidentialityImpact": "NONE"}, "severity": "MEDIUM", "impactScore": 2.9, "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}}, "publishedDate": "2005-10-12T13:04Z", "configurations": {"nodes": [{"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:o:microsoft:windows_2003_server:r2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:microsoft:windows_2003_server:sp1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:microsoft:windows_2000:*:sp4:*:fr:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:microsoft:windows_2003_server:64-bit:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:microsoft:windows_2003_server:itanium:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:microsoft:windows_2003_server:sp1:*:itanium:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:microsoft:windows_xp:*:*:64-bit:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:microsoft:windows_xp:*:sp1:tablet_pc:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:microsoft:windows_xp:*:sp2:tablet_pc:*:*:*:*:*", "cpe_name": [], "vulnerable": true}]}], "CVE_data_version": "4.0"}, "lastModifiedDate": "2018-10-12T21:36Z"}

5.0 /10