Windows NT 4.0 and Windows 2000 hosts allow remote attackers to cause a denial of service (unavailable connections) by sending multiple SMB SMBnegprots requests but not reading the response that is sent back.
Max CVSS: 5.0 | EPSS Score: 2.38% | Published: 2000-12-31 | Updated: 2019-04-30
The default configuration for the domain name resolver for Microsoft Windows 98, NT 4.0, 2000, and XP sets the QueryIpMatching parameter to 0, which causes Windows to accept DNS updates from hosts that it did not query, which allows remote attackers to poison the DNS cache.
Max CVSS: 9.8 | EPSS Score: 0.64% | Published: 2000-04-14 | Updated: 2024-02-08
Microsoft Windows 2000 before Service Pack 2 (SP2), when running in a non-Windows 2000 domain and using NTLM authentication, and when credentials of an account are locally cached, allows local users to bypass account lockout policies and make an unlimited number of login attempts, aka the "Domain Account Lockout" vulnerability.
Max CVSS: 4.6 | EPSS Score: 0.23% | Published: 2000-11-21 | Updated: 2019-04-30
Interactions between the CIFS Browser Protocol and NetBIOS as implemented in Microsoft Windows 95, 98, NT, and 2000 allow remote attackers to modify dynamic NetBIOS name cache entries via a spoofed Browse Frame Request in a unicast or UDP broadcast datagram.
Max CVSS: 7.5 | EPSS Score: 1.76% | Published: 2000-08-29 | Updated: 2017-12-19
Microsoft Virtual Machine (VM) in Internet Explorer 4.x and 5.x allows an unsigned applet to create and use ActiveX controls, which allows a remote attacker to bypass Internet Explorer's security settings and execute arbitrary commands via a malicious web page or email, aka the "Microsoft VM ActiveX Component" vulnerability.
Max CVSS: 5.1 | EPSS Score: 0.57% | Published: 2000-12-11 | Updated: 2018-10-12
Buffer overflow in the System Monitor ActiveX control in Windows 2000 allows remote attackers to execute arbitrary commands via a long LogFileName parameter in HTML source code, aka the "ActiveX Parameter Validation" vulnerability.
Max CVSS: 10.0 | EPSS Score: 0.11% | Published: 2000-12-11 | Updated: 2018-10-12
Microsoft Exchange Server 5.5 does not properly handle a MIME header with a blank charset specified, which allows remote attackers to cause a denial of service via a charset="" command, aka the "Malformed MIME Header" vulnerability.
Max CVSS: 5.0 | EPSS Score: 74.15% | Published: 2000-12-11 | Updated: 2020-04-09
NETBIOS client in Windows 95 and Windows 98 allows a remote attacker to cause a denial of service by changing a file sharing service to return an unknown driver type, which causes the client to crash.
Max CVSS: 2.6 | EPSS Score: 0.67% | Published: 2000-12-11 | Updated: 2017-10-10
Microsoft NetMeeting with Remote Desktop Sharing enabled allows remote attackers to cause a denial of service (CPU utilization) via a sequence of null bytes to the NetMeeting port, aka the "NetMeeting Desktop Sharing" vulnerability.
Max CVSS: 5.0 | EPSS Score: 10.76% | Published: 2000-12-19 | Updated: 2018-10-12
Internet Explorer before 5.5 forwards cached user credentials for a secure web site to insecure pages on the same web site, which could allow remote attackers to obtain the credentials by monitoring connections to the web server, aka the "Cached Web Credentials" vulnerability.
Max CVSS: 7.5 | EPSS Score: 0.64% | Published: 2000-12-19 | Updated: 2021-07-23
NMPI (Name Management Protocol on IPX) listener in Microsoft NWLink does not properly filter packets from a broadcast address, which allows remote attackers to cause a broadcast storm and flood the network.
Max CVSS: 5.0 | EPSS Score: 0.62% | Published: 2000-12-19 | Updated: 2018-10-12
File and Print Sharing service in Windows 95, Windows 98, and Windows Me does not properly check the password for a file share, which allows remote attackers to bypass share access controls by sending a 1-byte password that matches the first character of the real password, aka the "Share Level Password" vulnerability.
Max CVSS: 6.4 | EPSS Score: 3.90% | Published: 2000-12-19 | Updated: 2018-10-12
IIS 4.0 and 5.0 .ASP pages send the same Session ID cookie for secure and insecure web sessions, which could allow remote attackers to hijack the secure web session of the user if that user moves to an insecure session, aka the "Session ID Cookie Marking" vulnerability.
Max CVSS: 7.5 | EPSS Score: 1.70% | Published: 2000-12-19 | Updated: 2018-10-30
A misconfiguration in IIS 5.0 with Index Server enabled and the Index property set allows remote attackers to list directories in the web root via a Web Distributed Authoring and Versioning (WebDAV) search.
Max CVSS: 5.0 | EPSS Score: 3.75% | Published: 2000-12-19 | Updated: 2018-10-30
The CiWebHitsFile component in Microsoft Indexing Services for Windows 2000 allows remote attackers to conduct a cross site scripting (CSS) attack via a CiRestriction parameter in a .htw request, aka the "Indexing Services Cross Site Scripting" vulnerability.
Max CVSS: 5.1 | EPSS Score: 95.02% | Published: 2000-12-19 | Updated: 2018-10-12
The Input Method Editor (IME) in the Simplified Chinese version of Windows 2000 does not disable access to privileged functionality that should normally be restricted, which allows local users to gain privileges, aka the "Simplified Chinese IME State Recognition" vulnerability.
Max CVSS: 4.6 | EPSS Score: 0.05% | Published: 2000-12-19 | Updated: 2018-10-12
Microsoft Windows Media Player 7 allows attackers to cause a denial of service in RTF-enabled email clients via an embedded OCX control that is not closed properly, aka the "OCX Attachment" vulnerability.
Max CVSS: 5.0 | EPSS Score: 0.40% | Published: 2000-12-19 | Updated: 2018-10-12
IIS 5.0 allows remote attackers to execute arbitrary commands via a malformed request for an executable file whose name is appended with operating system commands, aka the "Web Server File Request Parsing" vulnerability.
Max CVSS: 7.5 | EPSS Score: 95.96% | Published: 2000-12-19 | Updated: 2018-10-30
Buffer overflows in Microsoft Network Monitor (Netmon) allow remote attackers to execute arbitrary commands via a long Browser Name in a CIFS Browse Frame, a long SNMP community name, or a long username or filename in an SMB session, aka the "Netmon Protocol Parsing" vulnerability. NOTE: It is highly likely that this candidate will be split into multiple candidates.
Max CVSS: 7.5 | EPSS Score: 43.61% | Published: 2000-12-19 | Updated: 2019-04-30
IIS 4.0 and 5.0 allows remote attackers to read documents outside of the web root, and possibly execute arbitrary commands, via malformed URLs that contain UNICODE encoded characters, aka the "Web Server Folder Traversal" vulnerability.
Max CVSS: 7.5 | EPSS Score: 93.79% | Published: 2000-12-19 | Updated: 2018-10-30
Vulnerability in Microsoft Windows NT 4.0 allows remote attackers to cause a denial of service in IIS by sending it a series of malformed requests which cause INETINFO.EXE to fail, aka the "Invalid URL" vulnerability.
Max CVSS: 5.0 | EPSS Score: 1.90% | Published: 2000-11-14 | Updated: 2017-10-10
When a Microsoft Office 2000 document is launched, the directory of that document is first used to locate DLL's such as riched20.dll and msi.dll, which could allow an attacker to execute arbitrary commands by inserting a Trojan Horse DLL into the same directory as the document.
Max CVSS: 10.0 | EPSS Score: 1.81% | Published: 2000-11-14 | Updated: 2017-10-10
Buffer overflow in the Still Image Service in Windows 2000 allows local users to gain additional privileges via a long WM_USER message, aka the "Still Image Service Privilege Escalation" vulnerability.
Max CVSS: 4.6 | EPSS Score: 0.10% | Published: 2000-11-14 | Updated: 2018-10-12
Race condition in Microsoft Windows Media server allows remote attackers to cause a denial of service in the Windows Media Unicast Service via a malformed request, aka the "Unicast Service Race Condition" vulnerability.
Max CVSS: 2.6 | EPSS Score: 0.61% | Published: 2000-11-14 | Updated: 2018-10-12
The Windows 2000 telnet client attempts to perform NTLM authentication by default, which allows remote attackers to capture and replay the NTLM challenge/response via a telnet:// URL that points to the malicious server, aka the "Windows 2000 Telnet Client NTLM Authentication" vulnerability.
Max CVSS: 7.5 | EPSS Score: 2.67% | Published: 2000-11-14 | Updated: 2018-10-12
143 vulnerabilities found