Microsoft: >> Windows 2000 >> beta3 Security Vulnerabilities
Multiple ethernet Network Interface Card (NIC) device drivers do not pad frames with null bytes, which allows remote attackers to obtain information from previous packets or kernel memory by using malformed packets, as demonstrated by Etherleak.
CVSS Score
5.0
EPSS Score
0.036
Published
2003-01-17
Cross-site scripting vulnerability (XSS) in the missing template handler in Macromedia ColdFusion MX allows remote attackers to execute arbitrary script as other users by injecting script into the HTTP request for the name of a template, which is not filtered in the resulting 404 error message.
CVSS Score
4.3
EPSS Score
0.304
Published
2002-12-31
Microsoft Windows 2000 allows remote attackers to cause a denial of service (memory consumption) by sending a flood of empty TCP/IP packets with the ACK and FIN bits set to the NetBIOS port (TCP/139), as demonstrated by stream3.
CVSS Score
5.0
EPSS Score
0.329
Published
2002-12-31
Windows 2000 Terminal Services, when using the disconnect feature of the client, does not properly lock itself if it is left idle until the screen saver activates and the user disconnects, which could allow attackers to gain administrator privileges.
CVSS Score
7.2
EPSS Score
0.005
Published
2002-12-31
Microsoft Windows XP and Windows 2000, when configured to send administrative alerts and the "Do not overwrite events (clear log manually)" option is set, does not notify the administrator when the log reaches its maximum size, which allows local users and remote attackers to avoid detection.
CVSS Score
7.5
EPSS Score
0.215
Published
2002-12-31
The screensaver on Windows NT 4.0, 2000, XP, and 2002 does not verify if a domain account has already been locked when a valid password is provided, which makes it easier for users with physical access to conduct brute force password guessing.
CVSS Score
2.1
EPSS Score
0.008
Published
2002-12-31
The DCOM client in Windows 2000 before SP3 does not properly clear memory before sending an "alter context" request, which may allow remote attackers to obtain sensitive information by sniffing the session.
CVSS Score
5.0
EPSS Score
0.205
Published
2002-12-31
Active Directory in Windows 2000, when supporting Kerberos V authentication and GSSAPI, allows remote attackers to cause a denial of service (hang) via an LDAP client that sets the page length to zero during a large request.
CVSS Score
7.1
EPSS Score
0.281
Published
2002-12-31
NT Virtual DOS Machine (NTVDM.EXE) in Windows 2000, NT and XP does not verify user execution permissions for 16-bit executable files, which allows local users to bypass the loader and execute arbitrary programs.
CVSS Score
3.6
EPSS Score
0.005
Published
2002-12-31
The SMB signing capability in the Server Message Block (SMB) protocol in Microsoft Windows 2000 and Windows XP allows attackers to disable the digital signing settings in an SMB session to force the data to be sent unsigned, then inject data into the session without detection, e.g. by modifying group policy information sent from a domain controller.
CVSS Score
5.0
EPSS Score
0.239
Published
2002-12-23