Computer Security

Name: MICROSOFT : Windows 2000 Advanced Server

7!Win32 'Shatter' attacks
updated since 22.08.2002
document If a privileged application doesn't check system message data, it may be possible to execute code in the application's context by setting callback functions or by removing limits, causing buffer overflows.
7!Windows 2000 multiple bugs
updated since 08.07.2003
document Windows 2000 Internet Key Exchange Selects Incorrect Certificate, Update to Help Prevent Cross-Forest Certificate Enrollment, Update to Verify cbDestLength in the Imaadpcm Component, Zones Removed from the Registry When You Start the DNS Service, Account Replication Latency Causes Certificate Enrollment to Fail, Potential Denial of Service Vulnerability Exists in SAM, Call to USBH_IoctlGetNodeConnectionDriverKeyName May Return Uninitialized Data, Update to Use MAX_PATH Variable in Port Name Buffers, The MyGetSidFromDomain Function Calls DsGetDCName to Obtain the Domain Security ID, ModifyDN Request May Cause an Infinite Loop When the New Parent Is Specified by a Distinguished Name, User May Impersonate a Named Pipe Client in a Terminal Services Session and Gain Access to the System Account, CDP and AIA URLs Are Not Displayed in the Certification Authority Snap-in If the URL Contains "%%20" Characters, Update Helps to Prevent Two Client-Supplied Authorization Data Entries from Being Included in a Kerberos Ticket, Server Can Gain Access to Your Computer by Using an RPC Connection When You Download and Install Drivers in Internet Explorer, A Socket Handle Memory Leak Condition May Occur in Cryptnet.dll, Vulnerability in Terminal Services Licensing May Permit a Malicious User to Generate Additional Client Licenses in Terminal Services Licensing
6!Windows 2000 ShellExecute() buffer overflow
document Buffer overflow in 3rd argument.
6!Windows 2000 Active Directory buffer overflow
document Stack overflow on LDAP search request with more than 1000 "AND" statements.
 Microsoft Windows 2000 Network Monitor buffer overflow
document Buffer overflow on parsing an SMB request with an oversized filename.
7!Windows NTLM relaying attacks
updated since 14.09.2000
document Some client programs use NTLM authentication with the user's permissions without the user's request. This may lead to a leak of NTLM credentials, a chosen-challenge attack, and compromise of servers with the client's credentials by relaying the NTLM request.
 Microsoft Windows NT cmd.exe buffer overflow
document Buffer overflow (Windows NT) or batch failure (Windows 2000) on oversized paths.
7!Buffer overflow in Microsoft Windows NT/2000/XP Locator service
updated since 23.01.2003
document Buffer overflow during packet parsing on Domain Controllers.
 Windows 2000 SMB signing protection bypass
updated since 14.12.2002
document During connection setup it's possible to switch off SMB signing regardless of the policy setting.
 Multiple Windows 2000 driver signing problems
document It's possible to spoof a file with an older one; problem in certificate chain validation.
6!Windows 2000/XP PPTP buffer overflow
updated since 01.10.2002
document Malformed PPTP packets cause the service to crash.
 Microsoft RPC null reference DoS
updated since 19.10.2002
document NULL pointer reference during processing of RPC packet (TCP/135)
7!Buffer overflow in Windows 2000/NT SMB protocol
updated since 23.08.2002
document Malcrafted SMB query to port 139/445 causes the server to crash.
8!Windows 2000 Network Connection Manager privilege escalation
document Callback function is called with system privileges.
 DoS against Windows and other systems
updated since 20.05.2000
document A number of fragmented packets cause the host to freeze during the attack.
6!Microsoft RAS Phonebook buffer overflow
updated since 05.12.2000
document Buffer overflow.
 Microsoft Windows 2000 Active Directory LDAP DoS
document Malformed LDAP-request causes Active Directory to hang.
6!Windows 2000 Directory Service DoS
document Flood to TCP/445 (microsoft-ds) port causes server to hang.
6!Buffer overflow in Microsoft telnet server (buffer overflow)
 DoS against Windows 2000/NT (stream3 flood)
updated since 10.01.2001
6!RADIUS protocol and implementation weakness
updated since 13.11.2001
document A few cryptographic problems allow analysis of sniffed traffic. Request spoofing is possible. Some implementation problems allow a DoS against the server or privilege elevation.
7!Problems with the RunAs service in Windows 2000 (privilege escalation)
 DoS against Windows NT/2000 via Terminal Service (Invalid RDP Data, memory leak)
updated since 01.02.2001
 New DoS attack - simultaneous close
updated since 16.08.2001
 RPC DoS against MS Exchange/SQL/Windows NT/2000
updated since 27.07.2001
 Buffer overflow in Windows 2000 IRDA Driver (buffer overflow)
 DoS against NNTP in Windows NT/2000
 Relaying via the SMTP service in Windows 2000 (message relaying)
 Unauthorized access via SSL to LDAP in Windows 2000 (unauthorized access)
9!Problem with debug registers in Windows 2000 (debug registers privilege elevation)
7!Holes in Microsoft IndexServer (buffer overflow, file disclosure)
 DoS against Kerberos in Windows 2000 (memory leakage)
6!Hole in the Windows 2000 Event Viewer
 Potential hole in Windows NT/2000 drivers (DbgPrint format string)
 DoS against domain controllers in Windows 2000
8!Hole in Windows 2000 (Network DDE Agent privilege elevation)
updated since 06.02.2001
 Hole in the Windows 2000 "Configure Your Server" wizard
 UDP storm in Windows 2000 (Kerberos 5 UDP storm)
6!Problems in Windows 2000 (Domain Account Lockout)
6!Problems with one of the ActiveX components (Parameter Validation)
updated since 04.11.2000
 Holes in Network Monitor in Windows NT/2000
updated since 02.11.2000
6!Vulnerability in Microsoft/Hilgraeve Hyperterminal
7!Multiple holes in LPC in Windows 2000/NT
 Problems with mounted drives and Mac clients in Win2K
6!DoS against Windows 2000 via RPC
 Local hole in Windows 2000 - buffer overflow in Still Image Service
 Serious problem with the NetBIOS (NetBT) implementation in Windows
 DoS against Windows 2000 (local policy file corruption)
 Hole in Windows 2000 COM Internet Services Proxy
6!Vulnerability in services.exe in Windows 2000
 Vulnerability in NT - relative path to the user shell.
 DoS against Windows - NetBIOS name conflict
 DoS against telnet in Windows 2000
 Problem with Desktops in Windows 2000
 Problem with Protected Storage in Win2K
 Problems with the Browser service
 Weakness of EFS in Windows 2000
 Buffer overflow in CMD
updated since 21.04.2000
6!Problem with access to Active Directory objects
6!DoS attack on the Windows NT TCP/IP printing service

© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod