CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register   Reset Password   Activate Account
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Microsoft » Windows 2000 : Security Vulnerabilities Published In 2002

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
1 CVE-2002-2401 264 Bypass 2002-12-31 2008-09-10
3.6
None Local Low Not required Partial Partial None
NT Virtual DOS Machine (NTVDM.EXE) in Windows 2000, NT and XP does not verify user execution permissions for 16-bit executable files, which allows local users to bypass the loader and execute arbitrary programs.
2 CVE-2002-2328 20 DoS 2002-12-31 2008-09-05
7.1
None Remote Medium Not required None None Complete
Active Directory in Windows 2000, when supporting Kerberos V authentication and GSSAPI, allows remote attackers to cause a denial of service (hang) via an LDAP client that sets the page length to zero during a large request.
3 CVE-2002-2132 2002-12-31 2008-09-05
2.1
None Local Low Not required None Partial None
Windows File Protection (WFP) in Windows 2000 and XP does not remove old security catalog .CAT files, which could allow local users to replace new files with vulnerable old files that have valid hash codes.
4 CVE-2002-2077 +Info 2002-12-31 2008-09-05
5.0
None Remote Low Not required Partial None None
The DCOM client in Windows 2000 before SP3 does not properly clear memory before sending an "alter context" request, which may allow remote attackers to obtain sensitive information by sniffing the session.
5 CVE-2002-2028 2002-12-31 2008-09-05
2.1
None Local Low Not required Partial None None
The screensaver on Windows NT 4.0, 2000, XP, and 2002 does not verify if a domain account has already been locked when a valid password is provided, which makes it easier for users with physical access to conduct brute force password guessing.
6 CVE-2002-1932 2002-12-31 2008-09-10
7.5
None Remote Low Not required Partial Partial Partial
Microsoft Windows XP and Windows 2000, when configured to send administrative alerts and the "Do not overwrite events (clear log manually)" option is set, does not notify the administrator when the log reaches its maximum size, which allows local users and remote attackers to avoid detection.
7 CVE-2002-1749 +Priv 2002-12-31 2008-09-05
7.2
Admin Local Low Not required Complete Complete Complete
Windows 2000 Terminal Services, when using the disconnect feature of the client, does not properly lock itself if it is left idle until the screen saver activates and the user disconnects, which could allow attackers to gain administrator privileges.
8 CVE-2002-1712 DoS 2002-12-31 2008-09-05
5.0
None Remote Low Not required None None Partial
Microsoft Windows 2000 allows remote attackers to cause a denial of service (memory consumption) by sending a flood of empty TCP/IP packets with the ACK and FIN bits set to the NetBIOS port (TCP/139), as demonstrated by stream3.
9 CVE-2002-1700 79 XSS 2002-12-31 2014-04-15
4.3
None Remote Medium Not required None Partial None
Cross-site scripting vulnerability (XSS) in the missing template handler in Macromedia ColdFusion MX allows remote attackers to execute arbitrary script as other users by injecting script into the HTTP request for the name of a template, which is not filtered in the resulting 404 error message.
10 CVE-2002-1325 2002-12-23 2008-09-05
5.0
None Remote Low Not required Partial None None
Microsoft Virtual Machine (VM) build 5.0.3805 and earlier allows remote attackers to determine a local user's username via a Java applet that accesses the user.dir system property, aka "User.dir Exposure Vulnerability."
11 CVE-2002-1260 Bypass 2002-12-23 2008-09-10
7.5
User Remote Low Not required Partial Partial Partial
The Java Database Connectivity (JDBC) APIs in Microsoft Virtual Machine (VM) 5.0.3805 and earlier allow remote attackers to bypass security checks and access database contents via an untrusted Java applet.
12 CVE-2002-1258 2002-12-23 2008-09-10
5.0
None Remote Low Not required Partial None None
Two vulnerabilities in Microsoft Virtual Machine (VM) up to and including build 5.0.3805, as used in Internet Explorer and other applications, allow remote attackers to read files via a Java applet with a spoofed location in the CODEBASE parameter in the APPLET tag, possibly due to a parsing error.
13 CVE-2002-1257 Exec Code 2002-12-23 2008-09-10
10.0
Admin Remote Low Not required Complete Complete Complete
Microsoft Virtual Machine (VM) up to and including build 5.0.3805 allows remote attackers to execute arbitrary code by including a Java applet that invokes COM (Component Object Model) objects in a web site or an HTML mail.
14 CVE-2002-1256 2002-12-23 2008-09-10
5.0
None Remote Low Not required None Partial None
The SMB signing capability in the Server Message Block (SMB) protocol in Microsoft Windows 2000 and Windows XP allows attackers to disable the digital signing settings in an SMB session to force the data to be sent unsigned, then inject data into the session without detection, e.g. by modifying group policy information sent from a domain controller.
15 CVE-2002-1230 Exec Code 2002-11-04 2008-09-10
4.6
User Local Low Not required Partial Partial Partial
NetDDE Agent on Windows NT 4.0, 4.0 Terminal Server Edition, Windows 2000, and Windows XP allows local users to execute arbitrary code as LocalSystem via "shatter" style attack by sending a WM_COPYDATA message followed by a WM_TIMER message, as demonstrated by GetAd, aka "Flaw in Windows WM_TIMER Message Handling Could Enable Privilege Elevation."
16 CVE-2002-1214 DoS Exec Code Overflow 2002-10-28 2008-09-10
7.5
User Remote Low Not required Partial Partial Partial
Buffer overflow in Microsoft PPTP Service on Windows XP and Windows 2000 allows remote attackers to cause a denial of service (hang) and possibly execute arbitrary code via a certain PPTP packet with malformed control data.
17 CVE-2002-1184 +Priv 2002-11-12 2008-09-10
4.6
User Local Low Not required Partial Partial Partial
The system root folder of Microsoft Windows 2000 has default permissions of Everyone group with Full access (Everyone:F) and is in the search path when locating programs during login or application launch from the desktop, which could allow attackers to gain privileges as other users via Trojan horse programs.
18 CVE-2002-0864 DoS 2002-10-11 2008-09-05
5.0
None Remote Low Not required None None Partial
The Remote Data Protocol (RDP) version 5.1 in Microsoft Windows XP allows remote attackers to cause a denial of service (crash) when Remote Desktop is enabled via a PDU Confirm Active data packet that does not set the Pattern BLT command, aka "Denial of Service in Remote Desktop."
19 CVE-2002-0863 2002-10-11 2008-09-10
5.0
None Remote Low Not required Partial None None
Remote Data Protocol (RDP) version 5.0 in Microsoft Windows 2000 and RDP 5.1 in Windows XP does not encrypt the checksums of plaintext session data, which could allow a remote attacker to determine the contents of encrypted sessions via sniffing, aka "Weak Encryption in RDP Protocol."
20 CVE-2002-0862 2002-10-04 2008-09-10
7.5
User Remote Low Not required Partial Partial Partial
The (1) CertGetCertificateChain, (2) CertVerifyCertificateChainPolicy, and (3) WinVerifyTrust APIs within the CryptoAPI for Microsoft products including Microsoft Windows 98 through XP, Office for Mac, Internet Explorer for Mac, and Outlook Express for Mac, do not properly verify the Basic Constraints of intermediate CA-signed X.509 certificates, which allows remote attackers to spoof the certificates of trusted sites via a man-in-the-middle attack for SSL sessions, as originally reported for Internet Explorer and IIS.
21 CVE-2002-0823 Exec Code Overflow 2002-08-12 2008-09-05
7.5
User Remote Low Not required Partial Partial Partial
Buffer overflow in Winhlp32.exe allows remote attackers to execute arbitrary code via an HTML document that calls the HTML Help ActiveX control (HHCtrl.ocx) with a long pathname in the Item parameter.
22 CVE-2002-0725 2002-09-05 2008-09-10
4.6
User Local Low Not required Partial Partial Partial
NTFS file system in Windows NT 4.0 and Windows 2000 SP2 allows local attackers to hide file usage activities via a hard link to the target file, which causes the link to be recorded in the audit trail instead of the target file.
23 CVE-2002-0724 DoS Overflow 2002-09-24 2008-09-10
7.5
User Remote Low Not required Partial Partial Partial
Buffer overflow in SMB (Server Message Block) protocol in Microsoft Windows NT, Windows 2000, and Windows XP allows attackers to cause a denial of service (crash) via a SMB_COM_TRANSACTION packet with a request for the (1) NetShareEnum, (2) NetServerEnum2, or (3) NetServerEnum3, aka "Unchecked Buffer in Network Share Provider Can Lead to Denial of Service".
24 CVE-2002-0720 +Priv 2002-09-05 2008-09-10
7.2
Admin Local Low Not required Complete Complete Complete
A handler routine for the Network Connection Manager (NCM) in Windows 2000 allows local users to gain privileges via a complex attack that causes the handler to run in the LocalSystem context with user-specified code.
25 CVE-2002-0699 2002-10-04 2008-09-10
5.0
None Remote Low Not required None Partial None
Unknown vulnerability in the Certificate Enrollment ActiveX Control in Microsoft Windows 98, Windows 98 Second Edition, Windows Millennium, Windows NT 4.0, Windows 2000, and Windows XP allow remote attackers to delete digital certificates on a user's system via HTML.
26 CVE-2002-0694 Exec Code 2002-10-10 2008-09-10
7.5
User Remote Low Not required Partial Partial Partial
The HTML Help facility in Microsoft Windows 98, 98 Second Edition, Millennium Edition, NT 4.0, NT 4.0 Terminal Server Edition, Windows 2000, and Windows XP uses the Local Computer Security Zone when opening .chm files from the Temporary Internet Files folder, which allows remote attackers to execute arbitrary code via HTML mail that references or inserts a malicious .chm file containing shortcuts that can be executed, aka "Code Execution via Compiled HTML Help File."
27 CVE-2002-0693 Exec Code Overflow 2002-10-10 2008-09-10
7.5
User Remote Low Not required Partial Partial Partial
Buffer overflow in the HTML Help ActiveX Control (hhctrl.ocx) in Microsoft Windows 98, 98 Second Edition, Millennium Edition, NT 4.0, NT 4.0 Terminal Server Edition, Windows 2000, and Windows XP allows remote attackers to execute code via (1) a long parameter to the Alink function, or (2) script containing a long argument to the showHelp function.
28 CVE-2002-0692 DoS Overflow 2002-10-10 2008-09-10
7.5
User Remote Low Not required Partial Partial Partial
Buffer overflow in SmartHTML Interpreter (shtml.dll) in Microsoft FrontPage Server Extensions (FPSE) 2000 and 2002 allows remote attackers to cause a denial of service (CPU consumption) or run arbitrary code, respectively, via a certain type of web file request.
29 CVE-2002-0597 DoS 2002-06-18 2008-09-10
5.0
None Remote Low Not required None None Partial
LANMAN service on Microsoft Windows 2000 allows remote attackers to cause a denial of service (CPU/memory exhaustion) via a stream of malformed data to microsoft-ds port 445.
30 CVE-2002-0443 Bypass 2002-07-26 2008-09-05
4.6
User Local Low Not required Partial Partial Partial
Microsoft Windows 2000 allows local users to bypass the policy that prohibits reusing old passwords by changing the current password before it expires, which does not enable the check for previous passwords.
31 CVE-2002-0367 +Priv 2002-06-25 2008-09-05
7.2
Admin Local Low Not required Complete Complete Complete
smss.exe debugging subsystem in Windows NT and Windows 2000 does not properly authenticate programs that connect to other programs, which allows local users to gain administrator or SYSTEM privileges by duplicating a handle to a privileged process, as demonstrated by DebPloit.
32 CVE-2002-0366 Exec Code Overflow 2002-07-03 2008-09-05
7.2
Admin Local Low Not required Complete Complete Complete
Buffer overflow in Remote Access Service (RAS) phonebook for Windows NT 4.0, 2000, XP, and Routing and Remote Access Server (RRAS) allows local users to execute arbitrary code by modifying the rasphone.pbk file to use a long dial-up entry.
33 CVE-2002-0224 DoS 2002-05-16 2008-09-10
5.0
None Remote Low Not required None None Partial
The MSDTC (Microsoft Distributed Transaction Service Coordinator) for Microsoft Windows 2000, Microsoft IIS 5.0 and SQL Server 6.5 through SQL 2000 0.0 allows remote attackers to cause a denial of service (crash or hang) via malformed (random) input.
34 CVE-2002-0151 DoS Overflow +Priv 2002-04-04 2008-09-05
7.2
Admin Local Low Not required Complete Complete Complete
Buffer overflow in Multiple UNC Provider (MUP) in Microsoft Windows operating systems allows local users to cause a denial of service or possibly gain SYSTEM privileges via a long UNC request.
35 CVE-2002-0070 119 Exec Code Overflow 2002-03-15 2008-09-05
7.6
Admin Remote High Not required Complete Complete Complete
Buffer overflow in Windows Shell (used as the Windows Desktop) allows local and possibly remote attackers to execute arbitrary code via a custom URL handler that has not been removed for an application that has been improperly uninstalled.
36 CVE-2002-0055 DoS 2002-03-08 2008-09-05
5.0
None Remote Low Not required None None Partial
SMTP service in Microsoft Windows 2000, Windows XP Professional, and Exchange 2000 allows remote attackers to cause a denial of service via a command with a malformed data transfer (BDAT) request.
37 CVE-2002-0054 2002-03-08 2008-09-05
7.5
User Remote Low Not required Partial Partial Partial
SMTP service in (1) Microsoft Windows 2000 and (2) Internet Mail Connector (IMC) in Exchange Server 5.5 does not properly handle responses to NTLM authentication, which allows remote attackers to perform mail relaying via an SMTP AUTH command using null session credentials.
38 CVE-2002-0053 DoS Exec Code Overflow 2002-03-08 2008-09-10
7.5
None Remote Low Not required Partial Partial Partial
Buffer overflow in SNMP agent service in Windows 95/98/98SE, Windows NT 4.0, Windows 2000, and Windows XP allows remote attackers to cause a denial of service or execute arbitrary code via a malformed management request. NOTE: this candidate may be split or merged with other candidates. This and other PROTOS-related candidates, especially CVE-2002-0012 and CVE-2002-0013, will be updated when more accurate information is available.
39 CVE-2002-0051 2002-04-04 2008-09-05
4.6
User Local Low Not required Partial Partial Partial
Windows 2000 allows local users to prevent the application of new group policy settings by opening Group Policy files with exclusive-read access.
40 CVE-2002-0020 Exec Code Overflow 2002-03-08 2008-09-05
7.5
None Remote Low Not required Partial Partial Partial
Buffer overflow in telnet server in Windows 2000 and Interix 2.2 allows remote attackers to execute arbitrary code via malformed protocol options.
41 CVE-2002-0018 +Priv 2002-03-08 2008-09-10
10.0
Admin Remote Low Not required Complete Complete Complete
In Microsoft Windows NT and Windows 2000, a trusting domain that receives authorization information from a trusted domain does not verify that the trusted domain is authoritative for all listed SIDs, which allows remote attackers to gain Domain Administrator privileges on the trusting domain by injecting SIDs from untrusted domains into the authorization data that comes from from the trusted domain.
42 CVE-2001-1451 DoS 2002-10-22 2008-09-10
5.0
None Remote Low Not required None None Partial
Memory leak in the SNMP LAN Manager (LANMAN) MIB extension for Microsoft Windows 2000 before SP3, when the Print Spooler is not running, allows remote attackers to cause a denial of service (memory consumption) via a large number of GET or GETNEXT requests.
Total number of vulnerabilities : 42   Page : 1 (This Page)
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.