Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Windows_nt
(Microsoft)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 253 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2001-03-12 | CVE-2001-0017 | Memory leak in PPTP server in Windows NT 4.0 allows remote attackers to cause a denial of service via a malformed data packet, aka the "Malformed PPTP Packet Stream" vulnerability. | Windows_nt | N/A | ||
| 2001-03-12 | CVE-2001-0016 | NTLM Security Support Provider (NTLMSSP) service does not properly check the function number in an LPC request, which could allow local users to gain administrator level access. | Windows_nt | N/A | ||
| 2001-02-12 | CVE-2001-0003 | Web Extender Client (WEC) in Microsoft Office 2000, Windows 2000, and Windows Me does not properly process Internet Explorer security settings for NTLM authentication, which allows attackers to obtain NTLM credentials and possibly obtain the password, aka the "Web Client NTLM Authentication" vulnerability. | Office, Windows_2000, Windows_me, Windows_nt | N/A | ||
| 2001-08-31 | CVE-2000-1200 | Windows NT allows remote attackers to list all users in a domain by obtaining the domain SID with the LsaQueryInformationPolicy policy function via a null session and using the SID to list the users. | Windows_nt | N/A | ||
| 2001-01-09 | CVE-2000-1149 | Buffer overflow in RegAPI.DLL used by Windows NT 4.0 Terminal Server allows remote attackers to execute arbitrary commands via a long username, aka the "Terminal Server Login Buffer Overflow" vulnerability. | Windows_nt | N/A | ||
| 2001-01-09 | CVE-2000-1089 | Buffer overflow in Microsoft Phone Book Service allows local users to execute arbitrary commands, aka the "Phone Book Service Buffer Overflow" vulnerability. | Windows_2000, Windows_nt | N/A | ||
| 2000-08-29 | CVE-2000-1079 | Interactions between the CIFS Browser Protocol and NetBIOS as implemented in Microsoft Windows 95, 98, NT, and 2000 allow remote attackers to modify dynamic NetBIOS name cache entries via a spoofed Browse Frame Request in a unicast or UDP broadcast datagram. | Windows_2000, Windows_95, Windows_98, Windows_nt | N/A | ||
| 2001-01-09 | CVE-2000-1039 | Various TCP/IP stacks and network applications allow remote attackers to cause a denial of service by flooding a target host with TCP connection attempts and completing the TCP/IP handshake without maintaining the connection state on the attacker host, aka the "NAPTHA" class of vulnerabilities. NOTE: this candidate may change significantly as the security community discusses the technical nature of NAPTHA and learns more about the affected applications. This candidate is at a higher level... | Windows_95, Windows_98, Windows_98se, Windows_me, Windows_nt | N/A | ||
| 2000-11-14 | CVE-2000-0858 | Vulnerability in Microsoft Windows NT 4.0 allows remote attackers to cause a denial of service in IIS by sending it a series of malformed requests which cause INETINFO.EXE to fail, aka the "Invalid URL" vulnerability. | Internet_information_server, Windows_nt | N/A | ||
| 2000-07-27 | CVE-2000-0673 | The NetBIOS Name Server (NBNS) protocol does not perform authentication, which allows remote attackers to cause a denial of service by sending a spoofed Name Conflict or Name Release datagram, aka the "NetBIOS Name Server Protocol Spoofing" vulnerability. | Windows_2000, Windows_nt | N/A |