CVE-2002-1769
https://notcve.org/view.php?id=CVE-2002-1769
Microsoft Site Server 3.0 prior to SP4 installs a default user, LDAP_Anonymous, with a default password of LdapPassword_1, which allows remote attackers the "Log on locally" privilege. • http://archives.neohapsis.com/archives/vulnwatch/2002-q1/0033.html http://online.securityfocus.com/advisories/3843 http://support.microsoft.com/default.aspx?scid=kb%3Ben-us%3BQ248840 http://www.securityfocus.com/bid/3998 https://exchange.xforce.ibmcloud.com/vulnerabilities/8048 •
CVE-2002-2081
https://notcve.org/view.php?id=CVE-2002-2081
cphost.dll in Microsoft Site Server 3.0 allows remote attackers to cause a denial of service (disk consumption) via an HTTP POST of a file with a long TargetURL parameter, which causes Site Server to abort and leaves the uploaded file in c:\temp. • http://archives.neohapsis.com/archives/vulnwatch/2002-q1/0033.html http://www.iss.net/security_center/static/8053.php http://www.securityfocus.com/bid/4002 •
CVE-2002-0623
https://notcve.org/view.php?id=CVE-2002-0623
Buffer overflow in AuthFilter ISAPI filter on Microsoft Commerce Server 2000 and 2002 allows remote attackers to execute arbitrary code via long authentication data, aka "New Variant of the ISAPI Filter Buffer Overrun". • http://www.iss.net/security_center/static/9426.php http://www.osvdb.org/5163 http://www.securityfocus.com/bid/5112 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-033 •
CVE-2002-0622
https://notcve.org/view.php?id=CVE-2002-0622
The Office Web Components (OWC) package installer for Microsoft Commerce Server 2000 allows remote attackers to execute commands by passing the commands as input to the OWC package installer, aka "OWC Package Command Execution". • http://www.iss.net/security_center/static/9425.php http://www.osvdb.org/5170 http://www.securityfocus.com/bid/5111 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-033 •
CVE-2002-0621
https://notcve.org/view.php?id=CVE-2002-0621
Buffer overflow in the Office Web Components (OWC) package installer used by Microsoft Commerce Server 2000 allows remote attackers to cause the process to fail or run arbitrary code in the LocalSystem security context via certain input to the OWC package installer. • http://www.iss.net/security_center/static/9424.php http://www.osvdb.org/5172 http://www.securityfocus.com/bid/5108 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-033 •