CVE-2003-0110 - OpenCVE

The Winsock Proxy service in Microsoft Proxy Server 2.0 and the Microsoft Firewall service in Internet Security and Acceleration (ISA) Server 2000 allow remote attackers to cause a denial of service (CPU consumption or packet storm) via a spoofed, malformed packet to UDP port 1745.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact None

Integrity Impact None

Availability Impact Partial

AV:N/AC:L/Au:N/C:N/I:N/A:P

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Microsoft	Isa Server Proxy Server

Configuration 1 [-]

OR	cpe:2.3:a:microsoft:isa_server:2000:::::::*
	cpe:2.3:a:microsoft:isa_server:2000:fp1::::::
	cpe:2.3:a:microsoft:isa_server:2000:sp1::::::
	cpe:2.3:a:microsoft:proxy_server:2.0:::::::*
	cpe:2.3:a:microsoft:proxy_server:2.0:sp1::::::

No data.

References

Link	Providers
http://marc.info/?l=bugtraq&m=104994487012027&w=2
http://www.idefense.com/advisory/04.09.03.txt
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2003/ms03-012
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A406

History

No history.

MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2003-04-15T04:00:00

Updated: 2024-08-08T01:43:35.267Z

Reserved: 2003-02-26T00:00:00

Link: CVE-2003-0110

Vulnrichment

No data.

NVD

Status : Modified

Published: 2003-05-05T04:00:00.000

Modified: 2018-10-12T21:32:25.600

Link: CVE-2003-0110

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2003-04-09T00:00:00", "descriptions": [{"lang": "en", "value": "The Winsock Proxy service in Microsoft Proxy Server 2.0 and the Microsoft Firewall service in Internet Security and Acceleration (ISA) Server 2000 allow remote attackers to cause a denial of service (CPU consumption or packet storm) via a spoofed, malformed packet to UDP port 1745."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2018-10-12T19:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "20030409 iDEFENSE Security Advisory 04.09.03: Denial of Service in Microsoft Proxy Server and Internet Security and Acceleration Server 2000", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "http://marc.info/?l=bugtraq&m=104994487012027&w=2"}, {"name": "oval:org.mitre.oval:def:406", "tags": ["vdb-entry", "signature", "x_refsource_OVAL"], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A406"}, {"tags": ["x_refsource_MISC"], "url": "http://www.idefense.com/advisory/04.09.03.txt"}, {"name": "MS03-012", "tags": ["vendor-advisory", "x_refsource_MS"], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2003/ms03-012"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2003-0110", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "The Winsock Proxy service in Microsoft Proxy Server 2.0 and the Microsoft Firewall service in Internet Security and Acceleration (ISA) Server 2000 allow remote attackers to cause a denial of service (CPU consumption or packet storm) via a spoofed, malformed packet to UDP port 1745."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "20030409 iDEFENSE Security Advisory 04.09.03: Denial of Service in Microsoft Proxy Server and Internet Security and Acceleration Server 2000", "refsource": "BUGTRAQ", "url": "http://marc.info/?l=bugtraq&m=104994487012027&w=2"}, {"name": "oval:org.mitre.oval:def:406", "refsource": "OVAL", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A406"}, {"name": "http://www.idefense.com/advisory/04.09.03.txt", "refsource": "MISC", "url": "http://www.idefense.com/advisory/04.09.03.txt"}, {"name": "MS03-012", "refsource": "MS", "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2003/ms03-012"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-08T01:43:35.267Z"}, "title": "CVE Program Container", "references": [{"name": "20030409 iDEFENSE Security Advisory 04.09.03: Denial of Service in Microsoft Proxy Server and Internet Security and Acceleration Server 2000", "tags": ["mailing-list", "x_refsource_BUGTRAQ", "x_transferred"], "url": "http://marc.info/?l=bugtraq&m=104994487012027&w=2"}, {"name": "oval:org.mitre.oval:def:406", "tags": ["vdb-entry", "signature", "x_refsource_OVAL", "x_transferred"], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A406"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "http://www.idefense.com/advisory/04.09.03.txt"}, {"name": "MS03-012", "tags": ["vendor-advisory", "x_refsource_MS", "x_transferred"], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2003/ms03-012"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2003-0110", "datePublished": "2003-04-15T04:00:00", "dateReserved": "2003-02-26T00:00:00", "dateUpdated": "2024-08-08T01:43:35.267Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:microsoft:isa_server:2000:*:*:*:*:*:*:*", "matchCriteriaId": "80744BD9-85A9-4E33-8C35-59C8C112AC62", "vulnerable": true}, {"criteria": "cpe:2.3:a:microsoft:isa_server:2000:fp1:*:*:*:*:*:*", "matchCriteriaId": "098032EB-F5E2-4061-8DE2-BEDA6B192EA9", "vulnerable": true}, {"criteria": "cpe:2.3:a:microsoft:isa_server:2000:sp1:*:*:*:*:*:*", "matchCriteriaId": "7F2A1D83-7D2F-4408-B93E-FB53F724EB58", "vulnerable": true}, {"criteria": "cpe:2.3:a:microsoft:proxy_server:2.0:*:*:*:*:*:*:*", "matchCriteriaId": "2F7BF233-8DE6-4DC4-B9ED-5D4A180DD8B9", "vulnerable": true}, {"criteria": "cpe:2.3:a:microsoft:proxy_server:2.0:sp1:*:*:*:*:*:*", "matchCriteriaId": "CE48AD5F-D719-4D39-ACE1-53D0FE5F6525", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "The Winsock Proxy service in Microsoft Proxy Server 2.0 and the Microsoft Firewall service in Internet Security and Acceleration (ISA) Server 2000 allow remote attackers to cause a denial of service (CPU consumption or packet storm) via a spoofed, malformed packet to UDP port 1745."}, {"lang": "es", "value": "El servicio Winsock Proxy en Microsoft Proxy Server 2.0 y el servicio Microsoft Firewall en Internet Security and Acceleration (ISA) Server 2000 permite a atacantes remotos causar una denegaci\u00f3n de servicio (consumici\u00f3n de cpu o tormenta de paquetes) mediante paquetes malformados, al puerto UDP 1745."}], "id": "CVE-2003-0110", "lastModified": "2018-10-12T21:32:25.600", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 5.0, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2003-05-05T04:00:00.000", "references": [{"source": "cve@mitre.org", "url": "http://marc.info/?l=bugtraq&m=104994487012027&w=2"}, {"source": "cve@mitre.org", "tags": ["Patch", "Vendor Advisory"], "url": "http://www.idefense.com/advisory/04.09.03.txt"}, {"source": "cve@mitre.org", "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2003/ms03-012"}, {"source": "cve@mitre.org", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A406"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-Other"}], "source": "nvd@nist.gov", "type": "Primary"}]}