Microsoft: >> Windows 2000 Security Vulnerabilities
Buffer overflow in IrDA driver providing infrared data exchange on Windows 2000 allows attackers who are physically close to the machine to cause a denial of service (reboot) via a malformed IrDA packet.
CVSS Score
5.0
EPSS Score
0.306
Published
2001-09-20
By default, DNS servers on Windows NT 4.0 and Windows 2000 Server cache glue records received from non-delegated name servers, which allows remote attackers to poison the DNS cache via spoofed DNS responses.
CVSS Score
7.5
EPSS Score
0.04
Published
2001-08-31
Vulnerability in authentication process for SMTP service in Microsoft Windows 2000 allows remote attackers to use incorrect credentials to gain privileges and conduct activities such as mail relaying.
CVSS Score
7.5
EPSS Score
0.311
Published
2001-08-14
Windows 2000 and Windows NT allows local users to cause a denial of service (reboot) by executing a command at the command prompt and pressing the F7 and enter keys several times while the command is executing, possibly related to an exception handling error in csrss.exe.
CVSS Score
2.1
EPSS Score
0.006
Published
2001-07-27
Windows 2000 domain controller in Windows 2000 Server, Advanced Server, or Datacenter Server allows remote attackers to cause a denial of service via a flood of malformed service requests.
CVSS Score
5.0
EPSS Score
0.398
Published
2001-07-21
Buffer overflow in Microsoft Visual Studio RAD Support sub-component of FrontPage Server Extensions allows remote attackers to execute arbitrary commands via a long registration request (URL) to fp30reg.dll.
CVSS Score
7.5
EPSS Score
0.194
Published
2001-07-21
Microsoft Windows 2000 telnet service allows attackers to prevent idle Telnet sessions from timing out, causing a denial of service by creating a large number of idle sessions.
CVSS Score
5.0
EPSS Score
0.198
Published
2001-07-21
Handle leak in Microsoft Windows 2000 telnet service allows attackers to cause a denial of service by starting a large number of sessions and terminating them.
CVSS Score
5.0
EPSS Score
0.159
Published
2001-07-21
Information disclosure vulnerability in Microsoft Windows 2000 telnet service allows remote attackers to determine the existence of user accounts such as Guest, or log in to the server without specifying the domain name, via a malformed userid.
CVSS Score
7.5
EPSS Score
0.303
Published
2001-07-21
Microsoft Windows 2000 telnet service allows attackers to cause a denial of service (crash) via a long logon command that contains a backspace.
CVSS Score
5.0
EPSS Score
0.426
Published
2001-07-21