CVSS: 7.5EPSS: 26%CPEs: 6EXPL: 0CVE-2002-0053
https://notcve.org/view.php?id=CVE-2002-0053
Buffer overflow in SNMP agent service in Windows 95/98/98SE, Windows NT 4.0, Windows 2000, and Windows XP allows remote attackers to cause a denial of service or execute arbitrary code via a malformed management request. NOTE: this candidate may be split or merged with other candidates. This and other PROTOS-related candidates, especially CVE-2002-0012 and CVE-2002-0013, will be updated when more accurate information is available. Desbordamiento de buffer en el agente del servicio SNMP en Windows 95/98/98SE, y Windows NT4/2000/XP permite a atacantes remotos causar una denegación de servicio o ejecutar código arbitrario mediante una petición de administración malformada. NOTA: Esta candidata puede ser separada o mezclada con otras candidatas. • http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-0012 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-0013 http://www.cert.org/advisories/CA-2002-03.html http://www.ee.oulu.fi/research/ouspg/protos/testing/c06/snmpv1/index.html http://www.kb.cert.org/vuls/id/107186 http://www.kb.cert.org/vuls/id/854306 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-006 https://oval.cisecurity.org/repository/search/definition/oval%3Ao • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2001-1515
https://notcve.org/view.php?id=CVE-2001-1515
Macintosh clients, when using NT file system volumes on Windows 2000 SP1, create subdirectories and automatically modify the inherited NTFS permissions, which may cause the directories to have less restrictive permissions than intended. Los clientes Macintosh, al utilizar volúmenes del sistema de archivos NT en Windows 2000 SP1, crean subdirectorios y modifican automáticamente los permisos NTFS heredados, lo que puede hacer que los directorios tengan permisos menos restrictivos que los previstos. • http://securitytracker.com/id?1002626 http://www.securityfocus.com/bid/3479 • CWE-281: Improper Preservation of Permissions •
CVSS: 2.1EPSS: 4%CPEs: 3EXPL: 0CVE-2001-1517
https://notcve.org/view.php?id=CVE-2001-1517
RunAs (runas.exe) in Windows 2000 stores cleartext authentication information in memory, which could allow attackers to obtain usernames and passwords by executing a process that is allocated the same memory page after termination of a RunAs command. NOTE: the vendor disputes this issue, saying that administrative privileges are already required to exploit it, and the original researcher did not respond to requests for additional information • http://archives.neohapsis.com/archives/vulnwatch/2001-q4/0041.html http://cert.uni-stuttgart.de/archive/bugtraq/2001/11/msg00100.html http://www.iss.net/security_center/static/7531.php http://www.securityfocus.com/bid/3184 •
CVSS: 2.1EPSS: 0%CPEs: 5EXPL: 3CVE-2001-1560 – Microsoft Windows XP/2000 - GDI Denial of Service
https://notcve.org/view.php?id=CVE-2001-1560
Win32k.sys (aka Graphics Device Interface (GDI)) in Windows 2000 and XP allows local users to cause a denial of service (system crash) by calling the ShowWindow function after receiving a WM_NCCREATE message. • https://www.exploit-db.com/exploits/21131 http://www.derkeiler.com/Mailing-Lists/NT-Bugtraq/2001-10/0066.html http://www.iss.net/security_center/static/7409.php http://www.securityfocus.com/bid/3481 •
CVSS: 2.1EPSS: 0%CPEs: 3EXPL: 2CVE-2001-1518 – Microsoft Windows Server 2000 - RunAs Service Denial of Service
https://notcve.org/view.php?id=CVE-2001-1518
RunAs (runas.exe) in Windows 2000 only creates one session instance at a time, which allows local users to cause a denial of service (RunAs hang) by creating a named pipe session with the authentication server without any request for service. NOTE: the vendor disputes this vulnerability, however the vendor also presents a scenario in which other users could be affected if running on a Terminal Server. Therefore this is a vulnerability. • https://www.exploit-db.com/exploits/21099 http://cert.uni-stuttgart.de/archive/bugtraq/2001/11/msg00100.html http://online.securityfocus.com/archive/1/236113 http://www.iss.net/security_center/static/7533.php http://www.securityfocus.com/bid/3291 •