CVE-2010-1690
https://notcve.org/view.php?id=CVE-2010-1690
The DNS implementation in smtpsvc.dll before 6.0.2600.5949 in Microsoft Windows 2000 SP4 and earlier, Windows XP SP3 and earlier, Windows Server 2003 SP2 and earlier, Windows Server 2008 SP2 and earlier, Windows Server 2008 R2, Exchange Server 2003 SP3 and earlier, Exchange Server 2007 SP2 and earlier, and Exchange Server 2010 does not verify that transaction IDs of responses match transaction IDs of queries, which makes it easier for man-in-the-middle attackers to spoof DNS responses, a different vulnerability than CVE-2010-0024 and CVE-2010-0025. La implementación DNS en smtpsvc.dll anteriores a v6.0.2600.5949 en Microsoft Windows 2000 SP4 y anteriores, Windows XP SP3 y anteriores, Windows Server 2003 SP2 y anteriores, Windows Server 2008 SP2 y anteriores , Windows Server 2008 R2, Exchange Server 2003 SP3 y anteriores, Exchange Server 2007 SP2 y anteriores, y Exchange Server 2010 no verifican que IDs de transacción de respuestas, coinciden con con las IDs de las peticiones, lo que provoca que sea fácil que un atacante capture respuestas DNS mediante un ataque "hombre-en-medio" (man-in-the-middle), es una vulnerabilidad distinta a CVE-2010-0024 and CVE-2010-0025. • http://archives.neohapsis.com/archives/fulldisclosure/2010-05/0058.html http://securitytracker.com/id?1023939 http://www.coresecurity.com/content/CORE-2010-0424-windows-smtp-dns-query-id-bugs http://www.securityfocus.com/bid/39910 • CWE-20: Improper Input Validation •
CVE-2010-0269 – Microsoft Windows 7/2008 R2 - SMB Client Trans2 Stack Overflow (MS10-020) (PoC)
https://notcve.org/view.php?id=CVE-2010-0269
The SMB client in Microsoft Windows 2000 SP4, Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista Gold, SP1, and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7 does not properly allocate memory for SMB responses, which allows remote SMB servers and man-in-the-middle attackers to execute arbitrary code via a crafted (1) SMBv1 or (2) SMBv2 response, aka "SMB Client Memory Allocation Vulnerability." El cliente SMB en Microsoft Windows 2000 SP4, Windows XP SP2 y SP3, Windows Server 2003 SP2, Windows Vista Gold, SP1, y SP2, Windows Server 2008 Gold, SP2, y R2, y Windows 7 no asigna adecuadamente memoria para respuestas SMB, lo que permite a servidores SMB remotos y atacantes por la técnica man-in-the-middle ejecutar código de su elección a través de una respuesta manipulada (1) SMBv1 o (2) SMBv2, conocido como "SMB Client Memory Allocation Vulnerability." • https://www.exploit-db.com/exploits/12273 http://secunia.com/advisories/39372 http://www.us-cert.gov/cas/techalerts/TA10-103A.html https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-020 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7129 • CWE-399: Resource Management Errors •
CVE-2010-0025
https://notcve.org/view.php?id=CVE-2010-0025
The SMTP component in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, and Server 2008 Gold, SP2, and R2, and Exchange Server 2000 SP3, does not properly allocate memory for SMTP command replies, which allows remote attackers to read fragments of e-mail messages by sending a series of invalid commands and then sending a STARTTLS command, aka "SMTP Memory Allocation Vulnerability." El componente SMTP en Microsoft Windows 2000 SP4, XP SP2 y SP3, Server 2003 SP2, y Server 2008 Gold, SP2, y R2, y Exchange Server 2000 SP3, no asigna adecuadamente memoria para las replicas de comando SMTP, lo que permite a atacantes remotos leer fragmentos de mensajes e-mail por envío de una serio de comandos inválidos y luego enviando un comando STARTTLS, conocido también como "Vulnerabilidad de asignación de memoria SMTP." • http://secunia.com/advisories/39253 http://www.us-cert.gov/cas/techalerts/TA10-103A.html https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-024 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12175 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVE-2010-0238
https://notcve.org/view.php?id=CVE-2010-0238
Unspecified vulnerability in registry-key validation in the kernel in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, and Vista Gold allows local users to cause a denial of service (reboot) via a crafted application, aka "Windows Kernel Registry Key Vulnerability." Vulnerabilidad no especificada en la validación de la llave de registro en el kernel en Microsoft Windows 2000 SP4, XP SP2 y SP3, Server 2003 SP2, y Vista Gold permite a usuarios locales causar una denegación de servicio (reinicio) a través de una aplicación manipulada, conocido como "Windows Kernel Registry Key Vulnerability." • http://secunia.com/advisories/39373 http://www.securitytracker.com/id?1023850 http://www.us-cert.gov/cas/techalerts/TA10-103A.html https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-021 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6793 • CWE-20: Improper Input Validation •
CVE-2010-0235
https://notcve.org/view.php?id=CVE-2010-0235
The kernel in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, and Vista Gold does not perform the expected validation before creating a symbolic link, which allows local users to cause a denial of service (reboot) via a crafted application, aka "Windows Kernel Symbolic Link Value Vulnerability." El kernel en Microsoft Windows 2000 SP4, XP SP2 y SP3, Server 2003 SP2, y Vista Gold no realiza adecuadamente la validación esperada antes de crear un enlace simbólico, lo que permite a usuarios locales causar una denegación de servicio (reinicio) a través de una aplicación manipulada, conocido como "Windows Kernel Symbolic Link Value Vulnerability." • http://secunia.com/advisories/39373 http://www.securitytracker.com/id?1023850 http://www.us-cert.gov/cas/techalerts/TA10-103A.html https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-021 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7509 • CWE-20: Improper Input Validation •