CVSS: 3.6EPSS: 0%CPEs: 1EXPL: 2CVE-2001-1519 – Microsoft Windows Server 2000 - RunAs Service Named Pipe Hijacking
https://notcve.org/view.php?id=CVE-2001-1519
RunAs (runas.exe) in Windows 2000 allows local users to create a spoofed named pipe when the service is stopped, then capture cleartext usernames and passwords when clients connect to the service. NOTE: the vendor disputes this issue, saying that administrative privileges are already required to exploit it • https://www.exploit-db.com/exploits/21069 http://online.securityfocus.com/archive/1/236111 http://online.securityfocus.com/archive/1/240136 http://www.iss.net/security_center/static/7532.php http://www.securityfocus.com/bid/3185 •
CVSS: 5.0EPSS: 0%CPEs: 5EXPL: 0CVE-2001-0879
https://notcve.org/view.php?id=CVE-2001-0879
Format string vulnerability in the C runtime functions in SQL Server 7.0 and 2000 allows attackers to cause a denial of service. Vulnerabilidad de cadena formateada en las funciones de ejecución C en SQL Server 7.0 y 2000 permite a atacantes remotos provocar una denegación de servicio. • http://marc.info/?l=bugtraq&m=100891252317406&w=2 http://www.atstake.com/research/advisories/2001/a122001-1.txt http://www.securityfocus.com/bid/3732 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2001/ms01-060 https://exchange.xforce.ibmcloud.com/vulnerabilities/7725 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A253 •
CVSS: 5.0EPSS: 35%CPEs: 1EXPL: 3CVE-2001-0951 – Microsoft Windows Server 2000 - Internet Key Exchange Denial of Service
https://notcve.org/view.php?id=CVE-2001-0951
Windows 2000 allows remote attackers to cause a denial of service (CPU consumption) by flooding Internet Key Exchange (IKE) UDP port 500 with packets that contain a large number of dot characters. • https://www.exploit-db.com/exploits/21171 https://www.exploit-db.com/exploits/21172 http://marc.info/?l=bugtraq&m=100774842520403&w=2 http://marc.info/?l=bugtraq&m=100813081913496&w=2 http://www.securityfocus.com/bid/3652 https://exchange.xforce.ibmcloud.com/vulnerabilities/7667 •
CVSS: 5.0EPSS: 24%CPEs: 2EXPL: 1CVE-2001-0663 – Microsoft Windows NT/2000 - Terminal Server Service RDP Denial of Service
https://notcve.org/view.php?id=CVE-2001-0663
Terminal Server in Windows NT and Windows 2000 allows remote attackers to cause a denial of service via a sequence of invalid Remote Desktop Protocol (RDP) packets. • https://www.exploit-db.com/exploits/21123 http://www.securityfocus.com/bid/3445 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2001/ms01-052 https://exchange.xforce.ibmcloud.com/vulnerabilities/7302 •
CVSS: 7.5EPSS: 70%CPEs: 2EXPL: 0CVE-2001-0860
https://notcve.org/view.php?id=CVE-2001-0860
Terminal Services Manager MMC in Windows 2000 and XP trusts the Client Address (IP address) that is provided by the client instead of obtaining it from the packet headers, which allows clients to spoof their public IP address, e.g. through a Network Address Translation (NAT). • http://marc.info/?l=bugtraq&m=100578220002083&w=2 http://www.securityfocus.com/bid/3541 https://exchange.xforce.ibmcloud.com/vulnerabilities/7538 •