7.5

CVE-2005-0051

EPSS 43.94%
Veröffentlicht 02.05.2005 04:00:00
Zuletzt bearbeitet 03.04.2025 01:03:51
Quelle cve@mitre.org
Teams Watchlist Login
Unerledigt Login

The Server service (srvsvc.dll) in Windows XP SP1 and SP2 allows remote attackers to obtain sensitive information (users who are accessing resources) via an anonymous logon using a named pipe, which is not properly authenticated, aka the "Named Pipe Vulnerability."

Betroffene Produkte Warnungen 0 Metriken 2 CWE 0 Referenzen 12

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Microsoft ≫ Windows Xp Updatesp1 Edition64-bit

Microsoft ≫ Windows Xp Updatesp1 Editiontablet_pc

Microsoft ≫ Windows Xp Updatesp2 Editiontablet_pc

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	43.94%	0.972

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	7.5	10	6.4	AV:N/AC:L/Au:N/C:P/I:P/A:P

http://www.us-cert.gov/cas/techalerts/TA05-039A.html

Patch

Third Party Advisory

US Government Resource

http://secunia.com/advisories/14189

http://securitytracker.com/id?1013112

http://www.kb.cert.org/vuls/id/939074

Patch

US Government Resource

http://www.securityfocus.com/bid/12486

https://docs.microsoft.com/en-us/security-updates/securitybulletins/2005/ms05-007

https://exchange.xforce.ibmcloud.com/vulnerabilities/19093

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2292

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A3055

https://nvd.nist.gov/vuln/detail/CVE-2005-0051

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2005-0051

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2005-0051

EUVD