Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Windows_nt
(Microsoft)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 253 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2001-08-31 | CVE-2000-1200 | Windows NT allows remote attackers to list all users in a domain by obtaining the domain SID with the LsaQueryInformationPolicy policy function via a null session and using the SID to list the users. | Windows_nt | N/A | ||
| 2001-01-09 | CVE-2000-1149 | Buffer overflow in RegAPI.DLL used by Windows NT 4.0 Terminal Server allows remote attackers to execute arbitrary commands via a long username, aka the "Terminal Server Login Buffer Overflow" vulnerability. | Windows_nt | N/A | ||
| 2001-01-09 | CVE-2000-1089 | Buffer overflow in Microsoft Phone Book Service allows local users to execute arbitrary commands, aka the "Phone Book Service Buffer Overflow" vulnerability. | Windows_2000, Windows_nt | N/A | ||
| 2000-08-29 | CVE-2000-1079 | Interactions between the CIFS Browser Protocol and NetBIOS as implemented in Microsoft Windows 95, 98, NT, and 2000 allow remote attackers to modify dynamic NetBIOS name cache entries via a spoofed Browse Frame Request in a unicast or UDP broadcast datagram. | Windows_2000, Windows_95, Windows_98, Windows_nt | N/A | ||
| 2001-01-09 | CVE-2000-1039 | Various TCP/IP stacks and network applications allow remote attackers to cause a denial of service by flooding a target host with TCP connection attempts and completing the TCP/IP handshake without maintaining the connection state on the attacker host, aka the "NAPTHA" class of vulnerabilities. NOTE: this candidate may change significantly as the security community discusses the technical nature of NAPTHA and learns more about the affected applications. This candidate is at a higher level... | Windows_95, Windows_98, Windows_98se, Windows_me, Windows_nt | N/A | ||
| 2000-11-14 | CVE-2000-0858 | Vulnerability in Microsoft Windows NT 4.0 allows remote attackers to cause a denial of service in IIS by sending it a series of malformed requests which cause INETINFO.EXE to fail, aka the "Invalid URL" vulnerability. | Internet_information_server, Windows_nt | N/A | ||
| 2000-07-27 | CVE-2000-0673 | The NetBIOS Name Server (NBNS) protocol does not perform authentication, which allows remote attackers to cause a denial of service by sending a spoofed Name Conflict or Name Release datagram, aka the "NetBIOS Name Server Protocol Spoofing" vulnerability. | Windows_2000, Windows_nt | N/A | ||
| 2000-07-25 | CVE-2000-0663 | The registry entry for the Windows Shell executable (Explorer.exe) in Windows NT and Windows 2000 uses a relative path name, which allows local users to execute arbitrary commands by inserting a Trojan Horse named Explorer.exe into the %Systemdrive% directory, aka the "Relative Shell Path" vulnerability. | Windows_2000, Windows_nt | N/A | ||
| 2000-06-05 | CVE-2000-0544 | Windows NT and Windows 2000 hosts allow a remote attacker to cause a denial of service via malformed DCE/RPC SMBwriteX requests that contain an invalid data length. | Windows_2000, Windows_nt | N/A | ||
| 2000-05-25 | CVE-2000-0404 | The CIFS Computer Browser service allows remote attackers to cause a denial of service by sending a ResetBrowser frame to the Master Browser, aka the "ResetBrowser Frame" vulnerability. | Terminal_server, Windows_2000, Windows_95, Windows_98, Windows_nt | N/A |