Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Windows_2000
(Microsoft)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 516 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2001-07-18 | CVE-2001-1302 | The change password option in the Windows Security interface for Windows 2000 allows attackers to use the option to attempt to change passwords of other users on other systems or identify valid accounts by monitoring error messages, possibly due to a problem in the NetuserChangePassword function. | Windows_2000 | N/A | ||
| 2001-07-27 | CVE-2001-1288 | Windows 2000 and Windows NT allows local users to cause a denial of service (reboot) by executing a command at the command prompt and pressing the F7 and enter keys several times while the command is executing, possibly related to an exception handling error in csrss.exe. | Windows_2000, Windows_nt | N/A | ||
| 2001-12-20 | CVE-2001-0879 | Format string vulnerability in the C runtime functions in SQL Server 7.0 and 2000 allows attackers to cause a denial of service. | Sql_server, Windows_2000, Windows_nt, Windows_xp | N/A | ||
| 2001-07-21 | CVE-2001-0341 | Buffer overflow in Microsoft Visual Studio RAD Support sub-component of FrontPage Server Extensions allows remote attackers to execute arbitrary commands via a long registration request (URL) to fp30reg.dll. | Frontpage_server_extensions, Windows_2000, Windows_nt | N/A | ||
| 2001-06-27 | CVE-2001-0241 | Buffer overflow in Internet Printing ISAPI extension in Windows 2000 allows remote attackers to gain root privileges via a long print request that is passed to the extension through IIS 5.0. | Windows_2000 | N/A | ||
| 2001-06-27 | CVE-2001-0237 | Memory leak in Microsoft 2000 domain controller allows remote attackers to cause a denial of service by repeatedly connecting to the Kerberos service and then disconnecting without sending any data. | Windows_2000 | N/A | ||
| 2001-05-03 | CVE-2001-0147 | Buffer overflow in Windows 2000 event viewer snap-in allows attackers to execute arbitrary commands via a malformed field that is improperly handled during the detailed view of event records. | Windows_2000 | N/A | ||
| 2001-02-12 | CVE-2001-0048 | The "Configure Your Server" tool in Microsoft 2000 domain controllers installs a blank password for the Directory Service Restore Mode, which allows attackers with physical access to the controller to install malicious programs, aka the "Directory Service Restore Mode Password" vulnerability. | Windows_2000 | N/A | ||
| 2001-07-21 | CVE-2001-0018 | Windows 2000 domain controller in Windows 2000 Server, Advanced Server, or Datacenter Server allows remote attackers to cause a denial of service via a flood of malformed service requests. | Windows_2000 | N/A | ||
| 2001-02-12 | CVE-2001-0014 | Remote Data Protocol (RDP) in Windows 2000 Terminal Service does not properly handle certain malformed packets, which allows remote attackers to cause a denial of service, aka the "Invalid RDP Data" vulnerability. | Windows_2000 | N/A |