CVSS: 7.5EPSS: 2%CPEs: 1EXPL: 2CVE-2000-0834 – Microsoft Windows Server 2000 - 'telnet.exe' NTLM Authentication
https://notcve.org/view.php?id=CVE-2000-0834
The Windows 2000 telnet client attempts to perform NTLM authentication by default, which allows remote attackers to capture and replay the NTLM challenge/response via a telnet:// URL that points to the malicious server, aka the "Windows 2000 Telnet Client NTLM Authentication" vulnerability. • https://www.exploit-db.com/exploits/20222 http://www.atstake.com/research/advisories/2000/a091400-1.txt http://www.securityfocus.com/bid/1683 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2000/ms00-067 https://exchange.xforce.ibmcloud.com/vulnerabilities/5242 •
CVSS: 4.6EPSS: 0%CPEs: 3EXPL: 0CVE-2000-0790
https://notcve.org/view.php?id=CVE-2000-0790
The web-based folder display capability in Microsoft Internet Explorer 5.5 on Windows 98 allows local users to insert Trojan horse programs by modifying the Folder.htt file and using the InvokeVerb method in the ShellDefView ActiveX control to specify a default execute option for the first file that is listed in the folder. • http://www.securityfocus.com/bid/1571 http://www.securityfocus.com/templates/archive.pike?list=1&msg=3998370D.732A03F1%40nat.bg https://exchange.xforce.ibmcloud.com/vulnerabilities/5097 •
CVSS: 4.6EPSS: 0%CPEs: 1EXPL: 2CVE-2000-0737 – Microsoft Windows Server 2000 - Named Pipes Predictability
https://notcve.org/view.php?id=CVE-2000-0737
The Service Control Manager (SCM) in Windows 2000 creates predictable named pipes, which allows a local user with console access to gain administrator privileges, aka the "Service Control Manager Named Pipe Impersonation" vulnerability. • https://www.exploit-db.com/exploits/20133 http://www.securityfocus.com/bid/1535 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2000/ms00-053 •
CVSS: 2.1EPSS: 0%CPEs: 1EXPL: 0CVE-2000-0771
https://notcve.org/view.php?id=CVE-2000-0771
Microsoft Windows 2000 allows local users to cause a denial of service by corrupting the local security policy via malformed RPC traffic, aka the "Local Security Policy Corruption" vulnerability. • http://www.securityfocus.com/bid/1613 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2000/ms00-062 •
CVSS: 7.5EPSS: 1%CPEs: 4EXPL: 0CVE-2000-1079
https://notcve.org/view.php?id=CVE-2000-1079
Interactions between the CIFS Browser Protocol and NetBIOS as implemented in Microsoft Windows 95, 98, NT, and 2000 allow remote attackers to modify dynamic NetBIOS name cache entries via a spoofed Browse Frame Request in a unicast or UDP broadcast datagram. • http://archives.neohapsis.com/archives/ntbugtraq/2000-q3/0116.html http://www.nai.com/research/covert/advisories/045.asp http://www.securityfocus.com/bid/1620 https://exchange.xforce.ibmcloud.com/vulnerabilities/5168 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1079 •