Total
286 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2004-0123 | 1 Microsoft | 7 Windows 2000, Windows 2003 Server, Windows 98 and 4 more | 2024-02-28 | 7.5 HIGH | N/A |
Double free vulnerability in the ASN.1 library as used in Windows NT 4.0, Windows 2000, Windows XP, and Windows Server 2003, allows remote attackers to cause a denial of service and possibly execute arbitrary code. | |||||
CVE-1999-0595 | 1 Microsoft | 2 Windows 2000, Windows Nt | 2024-02-28 | 2.1 LOW | N/A |
A Windows NT system does not clear the system page file during shutdown, which might allow sensitive information to be recorded. | |||||
CVE-1999-0994 | 1 Microsoft | 1 Windows Nt | 2024-02-28 | 5.0 MEDIUM | N/A |
Windows NT with SYSKEY reuses the keystream that is used for encrypting SAM password hashes, allowing an attacker to crack passwords. | |||||
CVE-2000-0885 | 1 Microsoft | 3 Systems Management Server, Windows 2000, Windows Nt | 2024-02-28 | 7.5 HIGH | N/A |
Buffer overflows in Microsoft Network Monitor (Netmon) allow remote attackers to execute arbitrary commands via a long Browser Name in a CIFS Browse Frame, a long SNMP community name, or a long username or filename in an SMB session, aka the "Netmon Protocol Parsing" vulnerability. NOTE: It is highly likely that this candidate will be split into multiple candidates. | |||||
CVE-2004-0124 | 1 Microsoft | 4 Windows 2000, Windows 2003 Server, Windows Nt and 1 more | 2024-02-28 | 2.6 LOW | N/A |
The DCOM RPC interface for Microsoft Windows NT 4.0, 2000, XP, and Server 2003 allows remote attackers to cause network communications via an "alter context" call that contains additional data, aka the "Object Identity Vulnerability." | |||||
CVE-1999-0519 | 1 Microsoft | 4 Outlook, Windows 2000, Windows 95 and 1 more | 2024-02-28 | 7.5 HIGH | N/A |
A NETBIOS/SMB share password is the default, null, or missing. | |||||
CVE-1999-1581 | 1 Microsoft | 1 Windows Nt | 2024-02-28 | 5.0 MEDIUM | N/A |
Memory leak in Simple Network Management Protocol (SNMP) agent (snmp.exe) for Windows NT 4.0 before Service Pack 4 allows remote attackers to cause a denial of service (memory consumption) via a large number of SNMP packets with Object Identifiers (OIDs) that cannot be decoded. | |||||
CVE-2000-1079 | 1 Microsoft | 4 Windows 2000, Windows 95, Windows 98 and 1 more | 2024-02-28 | 7.5 HIGH | N/A |
Interactions between the CIFS Browser Protocol and NetBIOS as implemented in Microsoft Windows 95, 98, NT, and 2000 allow remote attackers to modify dynamic NetBIOS name cache entries via a spoofed Browse Frame Request in a unicast or UDP broadcast datagram. | |||||
CVE-1999-0975 | 1 Microsoft | 3 Windows 95, Windows 98, Windows Nt | 2024-02-28 | 4.6 MEDIUM | N/A |
The Windows help system can allow a local user to execute commands as another user by editing a table of contents metafile with a .CNT extension and modifying the topic action to include the commands to be executed when the .hlp file is accessed. | |||||
CVE-2000-0377 | 1 Microsoft | 1 Windows Nt | 2024-02-28 | 5.0 MEDIUM | N/A |
The Remote Registry server in Windows NT 4.0 allows local authenticated users to cause a denial of service via a malformed request, which causes the winlogon process to fail, aka the "Remote Registry Access Authentication" vulnerability. | |||||
CVE-1999-1363 | 1 Microsoft | 1 Windows Nt | 2024-02-28 | 2.1 LOW | N/A |
Windows NT 3.51 and 4.0 allow local users to cause a denial of service (crash) by running a program that creates a large number of locks on a file, which exhausts the NonPagedPool. | |||||
CVE-1999-0755 | 1 Microsoft | 2 Windows 2000, Windows Nt | 2024-02-28 | 5.0 MEDIUM | N/A |
Windows NT RRAS and RAS clients cache a user's password even if the user has not selected the "Save password" option. | |||||
CVE-2004-0118 | 1 Microsoft | 2 Windows 2000, Windows Nt | 2024-02-28 | 7.2 HIGH | N/A |
The component for the Virtual DOS Machine (VDM) subsystem in Windows NT 4.0 and Windows 2000 does not properly validate system structures, which allows local users to access protected kernel memory and execute arbitrary code. | |||||
CVE-2002-2401 | 1 Microsoft | 3 Windows 2000, Windows Nt, Windows Xp | 2024-02-28 | 3.6 LOW | N/A |
NT Virtual DOS Machine (NTVDM.EXE) in Windows 2000, NT and XP does not verify user execution permissions for 16-bit executable files, which allows local users to bypass the loader and execute arbitrary programs. | |||||
CVE-2001-0373 | 1 Microsoft | 2 Windows 2000, Windows Nt | 2024-02-28 | 2.1 LOW | N/A |
The default configuration of the Dr. Watson program in Windows NT and Windows 2000 generates user.dmp crash dump files with world-readable permissions, which could allow a local user to gain access to sensitive information. | |||||
CVE-1999-0562 | 1 Microsoft | 2 Windows 2000, Windows Nt | 2024-02-28 | 7.5 HIGH | N/A |
The registry in Windows NT can be accessed remotely by users who are not administrators. | |||||
CVE-2000-0129 | 1 Microsoft | 3 Windows 95, Windows 98, Windows Nt | 2024-02-28 | 2.1 LOW | N/A |
Buffer overflow in the SHGetPathFromIDList function of the Serv-U FTP server allows attackers to cause a denial of service by performing a LIST command on a malformed .lnk file. | |||||
CVE-1999-0179 | 1 Microsoft | 2 Windows 95, Windows Nt | 2024-02-28 | 5.0 MEDIUM | N/A |
Windows NT crashes or locks up when a Samba client executes a "cd .." command on a file share. | |||||
CVE-2001-0017 | 1 Microsoft | 1 Windows Nt | 2024-02-28 | 5.0 MEDIUM | N/A |
Memory leak in PPTP server in Windows NT 4.0 allows remote attackers to cause a denial of service via a malformed data packet, aka the "Malformed PPTP Packet Stream" vulnerability. | |||||
CVE-2002-0018 | 1 Microsoft | 2 Windows 2000, Windows Nt | 2024-02-28 | 10.0 HIGH | N/A |
In Microsoft Windows NT and Windows 2000, a trusting domain that receives authorization information from a trusted domain does not verify that the trusted domain is authoritative for all listed SIDs, which allows remote attackers to gain Domain Administrator privileges on the trusting domain by injecting SIDs from untrusted domains into the authorization data that comes from from the trusted domain. |