460 matches found
CVE-2001-0261
CVE-2001-0261 affects Microsoft Windows 2000 Encrypted File System. The issue is that backups of encrypted files are not properly destroyed, allowing a local attacker to recover the plaintext. The NVD entry assigns a low impact with partial confidentiality loss (CVSS v2 base score 2.1, LOCAL acce...
CVE-2001-0860
The CVE-2001-0860 entry documents a vulnerability in Terminal Services Manager MMC on Windows 2000 and Windows XP where the service trusts the Client Address (IP) provided by the client instead of deriving it from packet headers. This enables IP address spoofing (e.g., via NAT). Root cause: the t...
CVE-2002-1749
Windows 2000 Terminal Services vulnerability (CVE-2002-1749): the disconnect feature may fail to lock when left idle until the screen saver activates and the user disconnects, potentially allowing an attacker to gain administrator privileges. Affected: Windows 2000 Terminal Services disconnect/lo...
CVE-2005-3171
CVE-2005-3171 affects Microsoft Windows 2000 before Update Rollup 1 for SP4. The issue occurs when Event ID 1704 is recorded to indicate that Group Policy security settings were updated, even if the processing fails (for example, Ntuser.pol cannot be accessed). This may cause administrators to be...
CVE-2005-3176
CVE-2005-3176: Affects Microsoft Windows 2000 (before Update Rollup 1 for SP4). The issue is that the IP address of a Windows Terminal Services client is not recorded in a security log event when the client connects successfully, which could help an attacker evade detection. Connected documents c...
CVE-2000-1034
The CVE relates to a buffer overflow in the Windows 2000 System Monitor ActiveX control (sysmon.ocx). The vulnerability allows remote code execution by crafting a malicious LogFileName value in HTML/scripted content, permitting exploitation by a user who can load the affected page or message. The...
CVE-2005-3172
CVE-2005-3172 affects Microsoft Windows 2000 prior to Update Rollup 1 for SP4, where WideCharToMultiByte can mis-handle Japanese composite characters in the last position, potentially preventing null termination and leading to data corruption or a buffer overflow. The issue is rooted in the strin...
CVE-2000-0933
Technical details (affected products, exact root cause, vulnerable components, versions, or fixes) are not provided in the connected documents; monitor for updates.
CVE-2004-1649
Technical details about CVE-2004-1649 are not publicly provided in the supplied documents; no affected products, versions, or fixes are disclosed here. Monitor for updates.
CVE-2003-1448
The CVE-2003-1448 issue affects the Windows 2000 kernel, where a memory leak can be exploited by remote attackers to cause a denial of service through SMB by sending a NetBIOS continuation packet. The description explicitly states a DoS condition (SMB request hang). No specific affected product v...