CVEdetails.com the ultimate security vulnerability data source

Microsoft » Windows 2000 : Security Vulnerabilities Published In 2001

# | CVE ID | CWE ID | # of Exploits | Vulnerability Type(s) | Publish Date | Update Date | Score | Gained Access Level | Access | Complexity | Authentication | Conf. | Integ. | Avail.
1 | CVE-2001-1560 | | | DoS | 2001-12-31 | 2008-09-05 | 2.1 | None | Local | Low | Not required | None | None | Partial
Win32k.sys (aka Graphics Device Interface (GDI)) in Windows 2000 and XP allows local users to cause a denial of service (system crash) by calling the ShowWindow function after receiving a WM_NCCREATE message.
2 | CVE-2001-1519 | | | | 2001-12-31 | 2008-09-05 | 3.6 | None | Local | Low | Not required | Partial | Partial | None
** DISPUTED ** RunAs (runas.exe) in Windows 2000 allows local users to create a spoofed named pipe when the service is stopped, then capture cleartext usernames and passwords when clients connect to the service. NOTE: the vendor disputes this issue, saying that administrative privileges are already required to exploit it.
3 | CVE-2001-1518 | | | DoS | 2001-12-31 | 2008-09-05 | 2.1 | None | Local | Low | Not required | None | None | Partial
RunAs (runas.exe) in Windows 2000 only creates one session instance at a time, which allows local users to cause a denial of service (RunAs hang) by creating a named pipe session with the authentication server without any request for service. NOTE: the vendor disputes this vulnerability, however the vendor also presents a scenario in which other users could be affected if running on a Terminal Server. Therefore this is a vulnerability.
4 | CVE-2001-1517 | | | +Info | 2001-12-31 | 2008-09-05 | 2.1 | None | Local | Low | Not required | Partial | None | None
** DISPUTED ** RunAs (runas.exe) in Windows 2000 stores cleartext authentication information in memory, which could allow attackers to obtain usernames and passwords by executing a process that is allocated the same memory page after termination of a RunAs command. NOTE: the vendor disputes this issue, saying that administrative privileges are already required to exploit it, and the original researcher did not respond to requests for additional information.
5 | CVE-2001-1515 | | | | 2001-12-31 | 2008-09-10 | 5.0 | None | Remote | Low | Not required | Partial | None | None
Macintosh clients, when using NT file system volumes on Windows 2000 SP1, create subdirectories and automatically modify the inherited NTFS permissions, which may cause the directories to have less restrictive permissions than intended.
6 | CVE-2001-1452 | | | | 2001-08-31 | 2017-07-10 | 5.0 | None | Remote | Low | Not required | None | Partial | None
By default, DNS servers on Windows NT 4.0 and Windows 2000 Server cache glue records received from non-delegated name servers, which allows remote attackers to poison the DNS cache via spoofed DNS responses.
7 | CVE-2001-1347 | | | DoS +Priv | 2001-05-24 | 2008-09-05 | 4.6 | User | Local | Low | Not required | Partial | Partial | Partial
Windows 2000 allows local users to cause a denial of service and possibly gain privileges by setting a hardware breakpoint that is handled using global debug registers, which could cause other processes to terminate due to an exception, and allow hijacking of resources such as named pipes.
8 | CVE-2001-1302 | | | | 2001-07-18 | 2017-10-09 | 2.1 | None | Local | Low | Not required | None | Partial | None
The change password option in the Windows Security interface for Windows 2000 allows attackers to use the option to attempt to change passwords of other users on other systems or identify valid accounts by monitoring error messages, possibly due to a problem in the NetuserChangePassword function.
9 | CVE-2001-1288 | | | DoS | 2001-07-27 | 2016-10-17 | 2.1 | None | Local | Low | Not required | None | None | Partial
Windows 2000 and Windows NT allows local users to cause a denial of service (reboot) by executing a command at the command prompt and pressing the F7 and enter keys several times while the command is executing, possibly related to an exception handling error in csrss.exe.
10 | CVE-2001-1244 | | | DoS | 2001-07-07 | 2008-09-05 | 5.0 | None | Remote | Low | Not required | None | None | Partial
Multiple TCP implementations could allow remote attackers to cause a denial of service (bandwidth and CPU exhaustion) by setting the maximum segment size (MSS) to a very small number and requesting large amounts of data, which generates more packets with less TCP-level data that amplify network traffic and consume more server CPU to process.
11 | CVE-2001-1238 | | | | 2001-07-16 | 2008-09-05 | 4.6 | User | Local | Low | Not required | Partial | Partial | Partial
Task Manager in Windows 2000 does not allow local users to end processes with uppercase letters named (1) winlogon.exe, (2) csrss.exe, (3) smss.exe and (4) services.exe via the Process tab which could allow local users to install Trojan horses that cannot be stopped with the Task Manager.
12 | CVE-2001-0951 | | | DoS | 2001-12-07 | 2017-10-09 | 5.0 | None | Remote | Low | Not required | None | None | Partial
Windows 2000 allows remote attackers to cause a denial of service (CPU consumption) by flooding Internet Key Exchange (IKE) UDP port 500 with packets that contain a large number of dot characters.
13 | CVE-2001-0879 | | | DoS | 2001-12-20 | 2017-10-09 | 5.0 | None | Remote | Low | Not required | None | None | Partial
Format string vulnerability in the C runtime functions in SQL Server 7.0 and 2000 allows attackers to cause a denial of service.
14 | CVE-2001-0860 | | | | 2001-12-06 | 2017-10-09 | 7.5 | User | Remote | Low | Not required | Partial | Partial | Partial
Terminal Services Manager MMC in Windows 2000 and XP trusts the Client Address (IP address) that is provided by the client instead of obtaining it from the packet headers, which allows clients to spoof their public IP address, e.g. through a Network Address Translation (NAT).
15 | CVE-2001-0663 | | | DoS | 2001-12-06 | 2017-10-09 | 5.0 | None | Remote | Low | Not required | None | None | Partial
Terminal Server in Windows NT and Windows 2000 allows remote attackers to cause a denial of service via a sequence of invalid Remote Desktop Protocol (RDP) packets.
16 | CVE-2001-0659 | | | DoS Overflow | 2001-09-20 | 2017-10-09 | 5.0 | None | Remote | Low | Not required | None | None | Partial
Buffer overflow in IrDA driver providing infrared data exchange on Windows 2000 allows attackers who are physically close to the machine to cause a denial of service (reboot) via a malformed IrDA packet.
17 | CVE-2001-0543 | | | DoS | 2001-09-20 | 2017-10-09 | 5.0 | None | Remote | Low | Not required | None | None | Partial
Memory leak in NNTP service in Windows NT 4.0 and Windows 2000 allows remote attackers to cause a denial of service (memory exhaustion) via a large number of malformed posts.
18 | CVE-2001-0509 | | | DoS | 2001-09-20 | 2017-10-18 | 5.0 | None | Remote | Low | Not required | None | None | Partial
Vulnerabilities in RPC servers in (1) Microsoft Exchange Server 2000 and earlier, (2) Microsoft SQL Server 2000 and earlier, (3) Windows NT 4.0, and (4) Windows 2000 allow remote attackers to cause a denial of service via malformed inputs.
19 | CVE-2001-0504 | | | +Priv | 2001-08-14 | 2017-10-09 | 7.5 | User | Remote | Low | Not required | Partial | Partial | Partial
Vulnerability in authentication process for SMTP service in Microsoft Windows 2000 allows remote attackers to use incorrect credentials to gain privileges and conduct activities such as mail relaying.
20 | CVE-2001-0502 | | | | 2001-07-21 | 2017-10-09 | 4.6 | User | Local | Low | Not required | Partial | Partial | Partial
Running Windows 2000 LDAP Server over SSL, a function does not properly check the permissions of a user request when the directory principal is a domain user and the data attribute is the domain password, which allows local users to modify the login password of other users.
21 | CVE-2001-0373 | | | | 2001-06-18 | 2017-10-09 | 2.1 | None | Local | Low | Not required | Partial | None | None
The default configuration of the Dr. Watson program in Windows NT and Windows 2000 generates user.dmp crash dump files with world-readable permissions, which could allow a local user to gain access to sensitive information.
22 | CVE-2001-0351 | | | DoS | 2001-07-21 | 2017-10-09 | 2.1 | None | Local | Low | Not required | None | None | Partial
Microsoft Windows 2000 telnet service allows a local user to make a certain system call that allows the user to terminate a Telnet session and cause a denial of service.
23 | CVE-2001-0350 | | | Exec Code | 2001-07-21 | 2017-07-10 | 4.6 | None | Local | Low | Not required | Partial | Partial | Partial
Microsoft Windows 2000 telnet service creates named pipes with predictable names and does not properly verify them, which allows local users to execute arbitrary commands by creating a named pipe with the predictable name and associating a malicious program with it, the second of two variants of this vulnerability.
24 | CVE-2001-0349 | | | Exec Code | 2001-07-21 | 2017-07-10 | 7.2 | Admin | Local | Low | Not required | Complete | Complete | Complete
Microsoft Windows 2000 telnet service creates named pipes with predictable names and does not properly verify them, which allows local users to execute arbitrary commands by creating a named pipe with the predictable name and associating a malicious program with it, the first of two variants of this vulnerability.
25 | CVE-2001-0348 | | | DoS | 2001-07-21 | 2016-11-28 | 5.0 | None | Remote | Low | Not required | None | None | Partial
Microsoft Windows 2000 telnet service allows attackers to cause a denial of service (crash) via a long logon command that contains a backspace.
26 | CVE-2001-0347 | | | | 2001-07-21 | 2017-10-09 | 7.5 | User | Remote | Low | Not required | Partial | Partial | Partial
Information disclosure vulnerability in Microsoft Windows 2000 telnet service allows remote attackers to determine the existence of user accounts such as Guest, or log in to the server without specifying the domain name, via a malformed userid.
27 | CVE-2001-0346 | | | DoS | 2001-07-21 | 2017-10-09 | 5.0 | None | Remote | Low | Not required | None | None | Partial
Handle leak in Microsoft Windows 2000 telnet service allows attackers to cause a denial of service by starting a large number of sessions and terminating them.
28 | CVE-2001-0345 | | | DoS | 2001-07-21 | 2017-10-09 | 5.0 | None | Remote | Low | Not required | None | None | Partial
Microsoft Windows 2000 telnet service allows attackers to prevent idle Telnet sessions from timing out, causing a denial of service by creating a large number of idle sessions.
29 | CVE-2001-0341 | | | Exec Code Overflow | 2001-07-21 | 2017-10-09 | 7.5 | None | Remote | Low | Not required | Partial | Partial | Partial
Buffer overflow in Microsoft Visual Studio RAD Support sub-component of FrontPage Server Extensions allows remote attackers to execute arbitrary commands via a long registration request (URL) to fp30reg.dll.
30 | CVE-2001-0324 | | | DoS | 2001-05-03 | 2008-09-05 | 2.6 | None | Remote | High | Not required | None | None | Partial
Windows 98 and Windows 2000 Java clients allow remote attackers to cause a denial of service via a Java applet that opens a large number of UDP sockets, which prevents the host from establishing any additional UDP connections, and possibly causes a crash.
31 | CVE-2001-0261 | | | | 2001-06-02 | 2016-10-17 | 2.1 | None | Local | Low | Not required | Partial | None | None
Microsoft Windows 2000 Encrypted File System does not properly destroy backups of files that are encrypted, which allows a local attacker to recover the text of encrypted files.
32 | CVE-2001-0241 | | | Overflow +Priv | 2001-06-27 | 2017-10-09 | 10.0 | Admin | Remote | Low | Not required | Complete | Complete | Complete
Buffer overflow in Internet Printing ISAPI extension in Windows 2000 allows remote attackers to gain root privileges via a long print request that is passed to the extension through IIS 5.0.
33 | CVE-2001-0238 | | | Bypass | 2001-07-02 | 2017-10-09 | 7.5 | None | Remote | Low | Not required | Partial | Partial | Partial
Microsoft Data Access Component Internet Publishing Provider 8.103.2519.0 and earlier allows remote attackers to bypass Security Zone restrictions via WebDAV requests.
34 | CVE-2001-0237 | | | DoS | 2001-06-27 | 2017-10-09 | 5.0 | None | Remote | Low | Not required | None | None | Partial
Memory leak in Microsoft 2000 domain controller allows remote attackers to cause a denial of service by repeatedly connecting to the Kerberos service and then disconnecting without sending any data.
35 | CVE-2001-0147 | | | Exec Code Overflow | 2001-05-03 | 2008-09-05 | 10.0 | Admin | Remote | Low | Not required | Complete | Complete | Complete
Buffer overflow in Windows 2000 event viewer snap-in allows attackers to execute arbitrary commands via a malformed field that is improperly handled during the detailed view of event records.
36 | CVE-2001-0048 | | | | 2001-02-12 | 2008-09-05 | 7.2 | Admin | Local | Low | Not required | Complete | Complete | Complete
The "Configure Your Server" tool in Microsoft 2000 domain controllers installs a blank password for the Directory Service Restore Mode, which allows attackers with physical access to the controller to install malicious programs, aka the "Directory Service Restore Mode Password" vulnerability.
37 | CVE-2001-0046 | | | +Info | 2001-02-16 | 2017-10-18 | 4.6 | User | Local | Low | Not required | Partial | Partial | Partial
The default permissions for the SNMP Parameters registry key in Windows NT 4.0 allows remote attackers to read and possibly modify the SNMP community strings to obtain sensitive information or modify network configuration, aka one of the "Registry Permissions" vulnerabilities.
38 | CVE-2001-0018 | | | DoS | 2001-07-21 | 2017-10-09 | 5.0 | None | Remote | Low | Not required | None | None | Partial
Windows 2000 domain controller in Windows 2000 Server, Advanced Server, or Datacenter Server allows remote attackers to cause a denial of service via a flood of malformed service requests.
39 | CVE-2001-0015 | | | +Priv | 2001-03-12 | 2017-10-09 | 7.2 | Admin | Local | Low | Not required | Complete | Complete | Complete
Network Dynamic Data Exchange (DDE) in Windows 2000 allows local users to gain SYSTEM privileges via a "WM_COPYDATA" message to an invisible window that is running with the privileges of the WINLOGON process.
40 | CVE-2001-0014 | | | DoS | 2001-02-12 | 2008-09-05 | 5.0 | None | Remote | Low | Not required | None | None | Partial
Remote Data Protocol (RDP) in Windows 2000 Terminal Service does not properly handle certain malformed packets, which allows remote attackers to cause a denial of service, aka the "Invalid RDP Data" vulnerability.
41 | CVE-2001-0003 | | | | 2001-02-12 | 2017-10-09 | 5.0 | None | Remote | Low | Not required | Partial | None | None
Web Extender Client (WEC) in Microsoft Office 2000, Windows 2000, and Windows Me does not properly process Internet Explorer security settings for NTLM authentication, which allows attackers to obtain NTLM credentials and possibly obtain the password, aka the "Web Client NTLM Authentication" vulnerability.
42 | CVE-2000-1111 | | | DoS | 2001-01-09 | 2017-10-09 | 5.0 | None | Remote | Low | Not required | None | None | Partial
Telnet Service for Windows 2000 Professional does not properly terminate incomplete connection attempts, which allows remote attackers to cause a denial of service by connecting to the server and not providing any input.
43 | CVE-2000-1089 | | | Exec Code Overflow | 2001-01-09 | 2017-10-09 | 10.0 | Admin | Remote | Low | Not required | Complete | Complete | Complete
Buffer overflow in Microsoft Phone Book Service allows local users to execute arbitrary commands, aka the "Phone Book Service Buffer Overflow" vulnerability.
Total number of vulnerabilities: 43