CVE-2005-1981
Description
Unknown vulnerability in Microsoft Windows 2000 Server and Windows Server 2003 domain controllers allows remote authenticated users to cause a denial of service (system crash) via a crafted Kerberos message.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
4- cpe:2.3:o:microsoft:windows_2000:*:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_2003_server:r2:*:*:*:*:*:*:*+ 2 more
- cpe:2.3:o:microsoft:windows_2003_server:r2:*:*:*:*:*:*:*
- (no CPE)
- (no CPE)
Patches
Vulnerability mechanics
Root cause
"Improper processing of specially crafted Kerberos messages by domain controllers leads to a denial of service."
Attack vector
An attacker must have valid logon credentials to exploit this vulnerability; it cannot be exploited by anonymous users [ref_id=1]. The attacker sends a specially crafted Kerberos message to a domain controller on UDP or TCP port 88. This causes the Kerberos service responsible for authenticating users in an Active Directory domain to stop responding, triggering a 60-second countdown followed by an automatic system restart [ref_id=1].
Affected code
The vulnerability exists in the Kerberos authentication service on Windows 2000 Server and Windows Server 2003 domain controllers. The advisory states that "the method used by domain controllers to process specially crafted Kerberos messages" is at fault [ref_id=1]. No specific function or file names are disclosed in the bulletin.
What the fix does
The security update "removes the vulnerability by modifying the way that Kerberos processes the specially crafted message" [ref_id=1]. No patch diff is provided in the bundle, so the exact code changes are unknown. The advisory also introduces an optional registry key, RequireAsChecksum, to provide additional protection against related PKINIT vulnerabilities [ref_id=1].
Preconditions
- authAttacker must possess valid domain logon credentials
- configTarget must be a Windows 2000 Server or Windows Server 2003 domain controller
- networkNetwork access to UDP/TCP port 88 on the domain controller
Generated on May 26, 2026. Inputs: CWE entries + fix-commit diffs from this CVE's patches. Citations validated against bundle.
References
10- secunia.com/advisories/16368/nvdPatchVendor Advisory
- www.kb.cert.org/vuls/id/610133nvdUS Government Resource
- securitytracker.com/idnvd
- docs.microsoft.com/en-us/security-updates/securitybulletins/2005/ms05-042nvd
- oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A100095nvd
- oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A100097nvd
- oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A100099nvd
- oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A100101nvd
- oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A100103nvd
- oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A100105nvd
News mentions
0No linked articles in our index yet.