• Close
  • Back to search

    MS05-039 Microsoft Plug and Play Service Overflow

    This module exploits a stack buffer overflow in the Windows Plug and Play service. This vulnerability can be exploited on Windows 2000 without a valid user account. NOTE: Since the PnP service runs inside the service.exe process, a failed exploit attempt will cause the system to automatically reboot.

    Free Metasploit Download

    Get your copy of the world's leading penetration testing tool

     Download Now

    Module Name



    • hdm <x [at] hdm.io>
    • cazz <bmc [at] shmoo.com>



    • Windows 2000 SP0-SP4
    • Windows 2000 SP4 French
    • Windows 2000 SP4 Spanish
    • Windows 2000 SP4 English/French/German/Dutch
    • Windows 2000 SP0-SP4 German
    • Windows 2000 SP0-SP4 Italian
    • Windows XP SP1 English
    • Windows XP SP2 English (Requires Admin)
    • Windows Server 2003 SP0 English (Requires Admin)
    • Windows Server 2003 SP1 English (Requires Admin)


    • windows



    Module Options

    To display the available options, load the module within the Metasploit console and run the commands 'show options' or 'show advanced':

    msf > use exploit/windows/smb/ms05_039_pnp msf exploit(ms05_039_pnp) > show targets ...targets... msf exploit(ms05_039_pnp) > set TARGET <target-id> msf exploit(ms05_039_pnp) > show options ...show and set options... msf exploit(ms05_039_pnp) > exploit

    Related Vulnerabilities