| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| Buffer overflow in Windows Kernel allows local users to gain privileges by causing certain error messages to be passed to a debugger. |
| Microsoft Agent allows remote attackers to spoof trusted Internet content and execute arbitrary code by disguising security prompts on a malicious Web page. |
| Microsoft Windows 2000 allows local users to bypass the policy that prohibits reusing old passwords by changing the current password before it expires, which does not enable the check for previous passwords. |
| The HKEY_CLASSES_ROOT key in a Windows NT system has inappropriate, system-critical permissions. |
| Microsoft Windows 2000 allows remote attackers to cause a denial of service (memory consumption) by sending a flood of empty TCP/IP packets with the ACK and FIN bits set to the NetBIOS port (TCP/139), as demonstrated by stream3. |
| Denial of service in RAS/PPTP on NT systems. |
| Microsoft Windows 2000 allows local users to cause a denial of service by corrupting the local security policy via malformed RPC traffic, aka the "Local Security Policy Corruption" vulnerability. |
| When an administrator in Windows NT or Windows 2000 changes a user policy, the policy is not properly updated if the local ntconfig.pol is not writable by the user, which could allow local users to bypass restrictions that would otherwise be enforced by the policy, possibly by changing the policy file to be read-only. |
| A later variation on the Teardrop IP denial of service attack, a.k.a. Teardrop-2. |
| Vulnerability in authentication process for SMTP service in Microsoft Windows 2000 allows remote attackers to use incorrect credentials to gain privileges and conduct activities such as mail relaying. |
| Buffer overflow in the Winsock API in Microsoft Windows 2000 SP4, XP SP1 and SP2, and Server 2003 SP1 allows remote attackers to execute arbitrary code via unknown vectors, aka "Winsock Hostname Vulnerability." |
| Listening TCP ports are sequentially allocated, allowing spoofing attacks. |
| Macintosh clients, when using NT file system volumes on Windows 2000 SP1, create subdirectories and automatically modify the inherited NTFS permissions, which may cause the directories to have less restrictive permissions than intended. |
| The security descriptor for RASMAN allows users to point to an alternate location via the Windows NT Service Control Manager. |
| A version of finger is running that exposes valid user information to any entity on the network. |
| Land IP denial of service. |
| Windows NT Autorun executes the autorun.inf file on non-removable media, which allows local attackers to specify an alternate program to execute when other users access a drive. |
| IIS 4.0 allows local users to bypass the "User cannot change password" policy for Windows NT by directly calling .htr password changing programs in the /iisadmpwd directory, including (1) aexp2.htr, (2) aexp2b.htr, (3) aexp3.htr , or (4) aexp4.htr. |
| Buffer overflow in Microsoft Msinfo32.exe might allow local users to execute arbitrary code via a long filename in the msinfo_file command line parameter. NOTE: this issue might not cross security boundaries, so it may be REJECTED in the future. |
| The DHCP Server service for Microsoft Windows NT 4.0 Server and Terminal Server Edition, with DHCP logging enabled, does not properly validate the length of certain messages, which allows remote attackers to cause a denial of service (application crash) via a malformed DHCP message, aka "Logging Vulnerability." |
