Computer Security

Name: MICROSOFT : Windows NT 4.0 Workstation

8!Microsoft Windows SMB file system client buffer overflow
updated since 09.02.2005
document Buffer overflow in network protocol parsing.
10!Windows multiple bugs
updated since 14.04.2004
document LSASS buffer overflow, LDAP DoS, PCT buffer overflow, WinLogon buffer overflow, WMF/EMF parsing buffer overflow, HCP:// code execution, Utility Manager privilege escalation, WMI privilege escalation, LDT privilege escalation, H.323 buffer overflow, NTVDM privilege escalation, ASN.1 double free memory corruption.
 Microsoft Windows msjet database multiple vulnerabilities
document Microsoft Windows msjet databases multiple vulnerabilities.
8!Multiple Microsoft Windows bugs
updated since 15.12.2004
document Kernel buffer overflow, LSASS privilege escalation.
 Windows ANI files DoS
document Installing an ANI file with incorrect parameters causes the system to freeze or crash.
6!Windows LoadImage integer overflow
document Integer overflow on bitmap size calculation.
6!Microsoft WordPad buffer overflow
document Buffer overflow during conversion of Word 95/6.0 documents.
 HyperTerminal buffer overflow
document Buffer overflow in .ht file parsing.
6!Microsoft Windows Task Scheduler buffer overflow
document Buffer overflow during .job file parsing.
8!Microsoft HTML Help buffer overflow
document Buffer overflow in CHM format parsing.
 Windows Shell file type spoofing
document By using a class ID in Content-Disposition it's possible to spoof the file type. Content-Disposition: attachment; filename=malware.{3050f4d8-98B5-11CF-BB82-00AA00BDCE0B}fun_ball_gites_pie_throw%2Empeg"
10!Windows NT/2000/XP/2003 RPC buffer overflow
updated since 17.07.2003
document Multiple buffer overflows during RPC request parsing via TCP/135 and other RPC ports.
6!Microsoft Jet Database Engine buffer overflow
document A request to the database can cause a buffer overflow.
10!Multiple Windows ASN.1 bugs
updated since 11.02.2004
document Heap corruption and heap buffer overflows open possibilities for attack via different protocols and applications.
7!Win32 'Shatter' attacks
updated since 22.08.2002
document If a privileged application doesn't check system message data, it may be possible to execute code in the application's context by setting callback functions or removing limits, causing buffer overflows.
10!Windows Messenger service buffer overflow
updated since 16.10.2003
document Buffer overflow on message receiving.
7!Buffer Overflow in Tshoot.ocx Windows Troubleshooter ActiveX
updated since 16.10.2003
8!Microsoft Windows Authenticode protection bypass
document There is a vulnerability in Authenticode that, under certain low memory conditions, could allow an ActiveX control to download and install without presenting the user with an approval dialog.
 Windows ListBox/ComboBox buffer overflow
document Buffer overflow in Windows components makes it possible to launch a shatter attack.
 Microsoft Windows NetBIOS information leak
document An uninitialized memory structure in the reply to a NetBIOS name request allows an attacker to read a few bytes from the remote host's memory.
7!Windows DirectX MIDI integer overflow
updated since 24.07.2003
document Integer overflow during MIDI processing leads to heap corruption allowing code execution.
6!Multiple SNMP problems
updated since 13.02.2002
document Multiple problems in different SNMP implementations can lead to DoS, remote code execution, etc.
7!Windows NTLM relaying attacks
updated since 14.09.2000
document Some client programs use NTLM authentication with the user's permissions without a user request. This may leak NTLM credentials and allow a chosen-challenge attack and compromise of servers with the client's credentials by relaying the NTLM request.
7!Windows NT/2000/XP kernel buffer overflow
document Stack-based overflow during debug message processing.
 Microsoft RPC DoS
document A malformed request to the RPC Endpoint Mapper (TCP/135) may cause RPC services to crash.
7!Windows Script Engine integer overflow
document Integer overflow in the array sort() function.
 Microsoft Windows NT cmd.exe buffer overflow
document Buffer overflow (Windows NT) or batch failure (Windows 2000) on oversized paths.
 Group policy DoS in Windows NT/2000
updated since 05.12.2001
document By placing an exclusive lock on a group policy file it's possible to stop group policy from being applied domain-wide.
7!Buffer overflow in Windows 2000/NT SMB protocol
updated since 23.08.2002
document A malformed SMB query to port 139/445 causes the server to crash.
 DoS against Windows and other systems
updated since 20.05.2000
document A number of fragmented packets cause the host to freeze during the attack.
6!Microsoft RAS Phonebook buffer overflow
updated since 05.12.2000
document Buffer overflow.
8!Debploit: Microsoft Windows NT/2000 debug API privilege escalation
updated since 15.03.2002
document By connecting to the LPC port DbgSsApiPort it's possible to obtain a handle to any process or thread for debugging.
6!Buffer overflow in Windows NT/2000/XP
updated since 04.04.2002
document Buffer overflow on a long request to MUP (Multiple UNC Provider).
 DoS against Windows 2000/NT (stream3 flood)
updated since 10.01.2001
 Local DoS in Windows NT/2000
 Vulnerability in the Windows NT 4.0 API (GetFullPathName buffer overflow)
 Potential vulnerability in Windows NT/2000 drivers (DbgPrint format string)
 Vulnerability in Windows NT (NTLMSSP)
updated since 08.02.2001
 Local DoS against Windows NT (mutex)
updated since 26.01.2001
 DoS via Windows NT Task Scheduler
6!NAPTHA - DoS via open/half-open connections
updated since 05.12.2000
6!More problems with registry permissions in Windows NT
updated since 24.10.2000
 DoS against NetBIOS/TCP/IP - NBT flood
7!Multiple vulnerabilities in Windows 2000/NT LPC
 Serious problem with the NetBIOS (NetBT) implementation in Windows
6!Local security problem in NT - SystemLoadAndCallImage
 Vulnerability in NT - relative path to the user shell.
 DoS against Windows - NetBIOS name conflict
6!DoS against Windows NT
 Vulnerability in NTLMv1
6!DoS against the SMB protocol (Server) in WinNT/Win2K
 Problems with the Browser service
 Buffer overflow in CMD
updated since 21.04.2000
6!Microsoft released a patch that sets correct registry permissions
6!DoS attack on the Windows NT TCP/IP printing service

© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod