Terminal Server@* Security Vulnerabilities and Issues — Terminal Server@* CVE List

Lucene search

MicrosoftTerminal Server*

11 matches found

CVE•added 1999/09/29 4:0 a.m.•73 views

CVE-1999-0391

The cryptographic challenge of SMB authentication in Windows 95 and Windows 98 can be reused, allowing an attacker to replay the response and impersonate a user.

7.5CVSS7.1AI score0.03809EPSS

CVE•added 2002/03/09 5:0 a.m.•62 views

CVE-2001-0540

Memory leak in Terminal servers in Windows NT and Windows 2000 allows remote attackers to cause a denial of service (memory exhaustion) via a large number of malformed Remote Desktop Protocol (RDP) requests to port 3389.

5CVSS7.1AI score0.29541EPSS

CVE•added 2007/05/11 4:20 a.m.•57 views

CVE-2007-2593

The Terminal Server in Microsoft Windows 2003 Server, when using TLS, allows remote attackers to bypass SSL and self-signed certificate requirements, downgrade the server security, and possibly conduct man-in-the-middle attacks via unspecified vectors, as demonstrated using the Remote Desktop Proto...

7.5CVSS6.8AI score0.04516EPSS

CVE•added 2000/07/12 4:0 a.m.•56 views

CVE-2000-0305

Windows 95, Windows 98, Windows 2000, Windows NT 4.0, and Terminal Server systems allow a remote attacker to cause a denial of service by sending a large number of identical fragmented IP packets, aka jolt2 or the "IP Fragment Reassembly" vulnerability.

7.8CVSS6.7AI score0.30689EPSS

CVE•added 2000/01/04 5:0 a.m.•52 views

CVE-1999-0909

Multihomed Windows systems allow a remote attacker to bypass IP source routing restrictions via a malformed packet with IP options, aka the "Spoofed Route Pointer" vulnerability.

7.5CVSS7AI score0.04231EPSS

CVE•added 2000/04/26 4:0 a.m.•50 views

CVE-2000-0259

The default permissions for the Cryptography\Offload registry key used by the OffloadModExpo in Windows NT 4.0 allows local users to obtain compromise the cryptographic keys of other users.

7.2CVSS6.6AI score0.00374EPSS

CVE•added 2000/07/12 4:0 a.m.•50 views

CVE-2000-0331

Buffer overflow in Microsoft command processor (CMD.EXE) for Windows NT and Windows 2000 allows a local user to cause a denial of service via a long environment variable, aka the "Malformed Environment Variable" vulnerability.

5CVSS7AI score0.11559EPSS

CVE•added 2000/01/04 5:0 a.m.•47 views

CVE-1999-0680

Windows NT Terminal Server performs extra work when a client opens a new connection but before it is authenticated, allowing for a denial of service.

5CVSS7AI score0.05984EPSS

CVE•added 2006/08/31 8:4 p.m.•43 views

CVE-2006-4465

Microsoft Terminal Server, when running an application session with the "Start program at logon" and "Override settings from user profile and Client Connection Manager wizard" options, allows local users to execute arbitrary code by forcing an Explorer error. NOTE: a third-party researcher has stat...

10CVSS7.7AI score0.26534EPSS

CVE•added 2000/06/02 4:0 a.m.•40 views

CVE-2000-0232

Microsoft TCP/IP Printing Services, aka Print Services for Unix, allows an attacker to cause a denial of service via a malformed TCP/IP print request.

2.1CVSS6.8AI score0.00801EPSS

CVE•added 2000/07/12 4:0 a.m.•40 views

CVE-2000-0404

The CIFS Computer Browser service allows remote attackers to cause a denial of service by sending a ResetBrowser frame to the Master Browser, aka the "ResetBrowser Frame" vulnerability.

5CVSS6.7AI score0.13213EPSS