VYPR

Windows 2000

by Microsoft

CVEs (522)

  • CVE-2000-0771Oct 20, 2000
    risk 0.00cvss epss 0.02

    Microsoft Windows 2000 allows local users to cause a denial of service by corrupting the local security policy via malformed RPC traffic, aka the "Local Security Policy Corruption" vulnerability.

  • CVE-2000-0663Jul 25, 2000
    risk 0.00cvss epss 0.02

    The registry entry for the Windows Shell executable (Explorer.exe) in Windows NT and Windows 2000 uses a relative path name, which allows local users to execute arbitrary commands by inserting a Trojan Horse named Explorer.exe into the %Systemdrive% directory, aka the "Relative…

  • CVE-1999-0585Jul 1, 2000
    risk 0.00cvss epss 0.02

    A Windows NT administrator account has the default name of Administrator.

  • CVE-2000-0475Jun 15, 2000
    risk 0.00cvss epss 0.02

    Windows 2000 allows a local user process to access another user's desktop within the same windows station, aka the "Desktop Separation" vulnerability.

  • CVE-1999-0590Jun 1, 2000
    risk 0.00cvss epss 0.06

    A system does not present an appropriate legal message or warning to a user who is accessing it.

  • CVE-2000-0487Jun 1, 2000
    risk 0.00cvss epss 0.02

    The Protected Store in Windows 2000 does not properly select the strongest encryption when available, which causes it to use a default of 40-bit encryption instead of 56-bit DES encryption, aka the "Protected Store Key Length" vulnerability.

  • CVE-2000-0420May 11, 2000
    risk 0.00cvss epss 0.01

    The default configuration of SYSKEY in Windows 2000 stores the startup key in the registry, which could allow an attacker tor ecover it and use it to decrypt Encrypted File System (EFS) data.

  • CVE-2000-0416May 11, 2000
    risk 0.00cvss epss 0.06

    NTMail 5.x allows network users to bypass the NTMail proxy restrictions by redirecting their requests to NTMail's web configuration server.

  • CVE-2000-0311Apr 20, 2000
    risk 0.00cvss epss 0.01

    The Windows 2000 domain controller allows a malicious user to modify Active Directory information by modifying an unprotected attribute, aka the "Mixed Object Access" vulnerability.

  • CVE-2000-0298Apr 7, 2000
    risk 0.00cvss epss 0.02

    The unattended installation of Windows 2000 with the OEMPreinstall option sets insecure permissions for the All Users and Default Users directories.

  • CVE-1999-0595Jan 20, 2000
    risk 0.00cvss epss 0.02

    A Windows NT system does not clear the system page file during shutdown, which might allow sensitive information to be recorded.

  • CVE-1999-1358Dec 31, 1999
    risk 0.00cvss epss 0.01

    When an administrator in Windows NT or Windows 2000 changes a user policy, the policy is not properly updated if the local ntconfig.pol is not writable by the user, which could allow local users to bypass restrictions that would otherwise be enforced by the policy, possibly by…

  • CVE-1999-0717May 7, 1999
    risk 0.00cvss epss 0.06

    A remote attacker can disable the virus warning mechanism in Microsoft Excel 97.

  • CVE-1999-0391Jan 5, 1999
    risk 0.00cvss epss 0.05

    The cryptographic challenge of SMB authentication in Windows 95 and Windows 98 can be reused, allowing an attacker to replay the response and impersonate a user.

  • CVE-1999-0384Jan 1, 1999
    risk 0.00cvss epss 0.01

    The Forms 2.0 ActiveX control (included with Visual Basic for Applications 5.0) can be used to read text from a user's clipboard when the user accesses documents with ActiveX content.

  • CVE-1999-0505Oct 1, 1998
    risk 0.00cvss epss 0.02

    A Windows NT domain user or administrator account has a guessable password.

  • CVE-1999-0499Jan 1, 1997
    risk 0.00cvss epss 0.05

    NETBIOS share information may be published through SNMP registry keys in NT.

  • CVE-1999-0534Jan 1, 1997
    risk 0.00cvss epss 0.02

    A Windows NT user has inappropriate rights or privileges, e.g. Act as System, Add Workstation, Backup, Change System Time, Create Pagefile, Create Permanent Object, Create Token Name, Debug, Generate Security Audit, Increase Priority, Increase Quota, Load Driver, Lock Memory,…

  • CVE-1999-0503Jan 1, 1997
    risk 0.00cvss epss 0.02

    A Windows NT local user or administrator account has a guessable password.

  • CVE-1999-0519Jan 1, 1997
    risk 0.00cvss epss 0.06

    A NETBIOS/SMB share password is the default, null, or missing.

Page 26 of 27