| 7! | Win32 'Shatter' attacks updated since 22.08.2002
|
 | | If a privileged application doesn't check system message data, it may be possible to execute code in the application's context by setting callback functions or removing limits, causing buffer overflows. |
| 7! | Windows 2000 multiple bugs updated since 08.07.2003
|
 | | Windows 2000 Internet Key Exchange Selects Incorrect Certificate,
Update to Help Prevent Cross-Forest Certificate Enrollment,
Update to Verify cbDestLength in the Imaadpcm Component,
Zones Removed from the Registry When You Start the DNS Service,
Account Replication Latency Causes Certificate Enrollment to Fail,
Potential Denial of Service Vulnerability Exists in SAM,
Call to USBH_IoctlGetNodeConnectionDriverKeyName May Return Uninitialized Data,
Update to Use MAX_PATH Variable in Port Name Buffers,
The MyGetSidFromDomain Function Calls DsGetDCName to Obtain the Domain Security ID,
ModifyDN Request May Cause an Infinite Loop When the New Parent Is Specified by a Distinguished Name,
User May Impersonate a Named Pipe Client in a Terminal Services Session and Gain Access to the System Account,
CDP and AIA URLs Are Not Displayed in the Certification Authority Snap-in If the URL Contains "%%20" Characters,
Update Helps to Prevent Two Client-Supplied Authorization Data Entries from Being Included in a Kerberos Ticket,
Server Can Gain Access to Your Computer by Using an RPC Connection When You Download and Install Drivers in Internet Explorer,
A Socket Handle Memory Leak Condition May Occur in Cryptnet.dll,
Vulnerability in Terminal Services Licensing May Permit a Malicious User to Generate Additional Client Licenses in Terminal Services Licensing |
| 6! | Windows 2000 Active Directory buffer overflow
|
 | | Stack overflow on LDAP search request with more than 1000 "AND" statements. |
| 6! | Windows 2000 ShellExecute() buffer overflow
|
 | | Buffer overflow in 3rd argument. |
| | Microsoft Windows 2000 Network Monitor buffer overflow
|
 | | Buffer overflow when parsing an SMB request with an oversized filename. |
| 7! | Windows NTLM relaying attacks updated since 14.09.2000
|
 | | Some client programs use NTLM authentication with the user's permissions without a user request. This may lead to leakage of NTLM credentials, chosen-challenge attacks, and compromise of servers with the client's credentials by relaying the NTLM request. |
| | Microsoft Windows NT cmd.exe buffer overflow
|
 | | Buffer overflow (Windows NT) or batch failure (Windows 2000) on oversized paths. |
| 7! | Buffer overflow in Microsoft Windows NT/2000/XP Locator service updated since 23.01.2003
|
 | | Buffer overflow during packet parsing on Domain Controllers. |
| | Windows 2000 SMB signing protection bypass updated since 14.12.2002
|
 | | During connection setup it's possible to switch off SMB signing regardless of the policy setting. |
| | Multiple Windows 2000 driver signing problems
|
 | | It's possible to spoof a file with an older one; problem in certificate chain validation. |
| 6! | Windows 2000/XP PPTP buffer overflow updated since 01.10.2002
|
 | | Malformed PPTP packets cause the service to crash. |
| | Microsoft RPC null reference DoS updated since 19.10.2002
|
 | | NULL pointer reference during processing of RPC packet (TCP/135) |
| 7! | Buffer overflow in Windows 2000/NT SMB protocol updated since 23.08.2002
|
 | | A malcrafted SMB query to port 139/445 causes the server to crash. |
| 8! | Windows 2000 Network Connection Manager privilege escalation
|
 | | Callback function is called with system privileges. |
| | DoS against Windows and other systems updated since 20.05.2000
|
 | | A number of fragmented packets cause the host to freeze during the attack. |
| 6! | Microsoft RAS Phonebook buffer overflow updated since 05.12.2000
|
 | | Buffer overflow. |
| | Microsoft Windows 2000 Active Directory LDAP DoS
|
 | | Malformed LDAP-request causes Active Directory to hang. |
| 6! | Windows 2000 Directory Service DoS
|
 | | Flood to TCP/445 (microsoft-ds) port causes server to hang. |
| 6! | Buffer overflow in Microsoft telnet server |
| | | |
| | DoS against Windows 2000/NT (stream3 flood) updated since 10.01.2001 |
| | | |
| 6! | RADIUS protocol and implementation weakness updated since 13.11.2001
|
 | | A few cryptographic problems allow analysis of sniffed traffic. Request spoofing is possible. Some implementation problems allow DoS of the server or privilege elevation. |
| 7! | Problems with the RunAs service in Windows 2000 (privilege escalation) |
| | | |
| | DoS against Windows NT/2000 via Terminal Service (Invalid RDP Data, memory leak) updated since 01.02.2001 |
| | | |
| | New DoS attack - simultation close updated since 16.08.2001 |
| | | |
| | RPC DoS against MS Exchange/SQL/Windows NT/2000 updated since 27.07.2001 |
| | | |
| | Buffer overflow in Windows 2000 IRDA Driver |
| | | |
| | DoS against NNTP in Windows NT/2000 |
| | | |
| | Relaying via the SMTP service in Windows 2000 (message relaying) |
| | | |
| | Unauthorized access via SSL to LDAP in Windows 2000 |
| | | |
| 9! | Problem with debug registers in Windows 2000 (debug registers privilege elevation) |
| | | |
| 7! | Holes in Microsoft IndexServer (buffer overflow, file disclosure) |
| | | |
| | DoS against Kerberos in Windows 2000 (memory leakage) |
| | | |
| 6! | Hole in Windows 2000 Event Viewer |
| | | |
| | Potential hole in Windows NT/2000 drivers (DbgPrint format string) |
| | | |
| | DoS against domain controllers in Windows 2000 |
| | | |
| 8! | Hole in Windows 2000 (Network DDE Agent privilege elevation) updated since 06.02.2001 |
| | | |
| | Hole in the Windows 2000 "Configure Your Server" wizard |
| | | |
| | UDP storm in Windows 2000 (Kerberos 5 UDP storm) |
| | | |
| 6! | Problems in Windows 2000 (Domain Account Lockout) |
| | | |
| 6! | Problems with one of the ActiveX components (Parameter Validation) updated since 04.11.2000 |
| | | |
| | Holes in Network Monitor Windows NT/2000 updated since 02.11.2000 |
| | | |
| 6! | Vulnerability in Microsoft/Hilgraeve Hyperterminal |
| | | |
| 7! | Numerous holes in Windows 2000/NT LPC |
| | | |
| | Problems with mounted drives and Mac clients in Win2K |
| | | |
| 6! | DoS of Windows 2000 via RPC |
| | | |
| | Local hole in Windows 2000 - buffer overflow in Still Image Service |
| | | |
| | Serious problem with the NetBIOS (NetBT) implementation in Windows |
| | | |
| | DoS against Windows 2000 (local policy file corruption) |
| | | |
| | Hole in Windows 2000 COM Internet Services Proxy |
| | | |
| 6! | Vulnerability in services.exe of Windows 2000 |
| | | |
| | Vulnerability in NT - relative path to the user shell. |
| | | |
| | DoS against Windows - NetBIOS name conflict |
| | | |
| | DoS against telnet in Windows 2000 |
| | | |
| | Problem with Desktops in Windows 2000 |
| | | |
| | Problem with Protected Storage in Win2K |
| | | |
| | Problems with the Browser service |
| | | |
| | EFS weakness in Windows 2000 |
| | | |
| | Buffer overflow in CMD updated since 21.04.2000 |
| | | |
| 6! | Active Directory object access problem |
| | | |
| 6! | DoS attack on the Windows NT TCP/IP print service |
| | | |
| | |