Page 6 of 31 results (0.007 seconds)

CVSS: 10.0EPSS: 94%CPEs: 37EXPL: 0

The License Logging service for Windows NT Server, Windows 2000 Server, and Windows Server 2003 does not properly validate the length of messages, which leads to an "unchecked buffer" and allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code, aka the "License Logging Service Vulnerability." • http://www.kb.cert.org/vuls/id/130433 http://www.us-cert.gov/cas/techalerts/TA05-039A.html https://docs.microsoft.com/en-us/security-updates/securitybulletins/2005/ms05-010 https://exchange.xforce.ibmcloud.com/vulnerabilities/19101 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2568 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A3582 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A47 • CWE-20: Improper Input Validation •

CVSS: 7.5EPSS: 90%CPEs: 6EXPL: 1

The Windows Internet Naming Service (WINS) in Windows NT Server 4.0 SP 6a, NT Terminal Server 4.0 SP 6, Windows 2000 Server SP3 and SP4, and Windows Server 2003 does not properly validate the computer name value in a WINS packet, which allows remote attackers to execute arbitrary code or cause a denial of service (server crash), which results in an "unchecked buffer" and possibly triggers a buffer overflow, aka the "Name Validation Vulnerability." • https://www.exploit-db.com/exploits/733 http://secunia.com/advisories/13466 http://securitytracker.com/id?1012517 http://www.ciac.org/ciac/bulletins/p-054.shtml http://www.kb.cert.org/vuls/id/378160 http://www.osvdb.org/12370 http://www.securityfocus.com/bid/11922 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2004/ms04-045 https://exchange.xforce.ibmcloud.com/vulnerabilities/18259 •

CVSS: 10.0EPSS: 97%CPEs: 37EXPL: 2

The WINS service (wins.exe) on Microsoft Windows NT Server 4.0, Windows 2000 Server, and Windows Server 2003 allows remote attackers to write to arbitrary memory locations and possibly execute arbitrary code via a modified memory pointer in a WINS replication packet to TCP port 42, aka the "Association Context Vulnerability." El servicio WINS (wins.exe) de Microsoft Windows NT Server 4.0, Windows 2000 Server y Windows Server 2003 permite a atacantes remotos escribir localizaciones de memoria arbitrarias y posiblemente ejecutar código arbitrario mediante un puntero de memoria modificado en un paquete de replicación WINS al puerto TCP 42. • https://www.exploit-db.com/exploits/909 https://www.exploit-db.com/exploits/16359 http://marc.info/?l=bugtraq&m=110150370506704&w=2 http://secunia.com/advisories/13328 http://securitytracker.com/id?1012516 http://support.microsoft.com/kb/890710 http://www.ciac.org/ciac/bulletins/p-054.shtml http://www.immunitysec.com/downloads/instantanea.pdf http://www.kb.cert.org/vuls/id/145134 http://www.osvdb.org/12378 http://www.securityfocus.com/bid/11763 http:// •

CVSS: 7.5EPSS: 56%CPEs: 7EXPL: 0

Microsoft Proxy Server 2.0 and Microsoft ISA Server 2000 (which is included in Small Business Server 2000 and Small Business Server 2003 Premium Edition) allows remote attackers to spoof trusted Internet content on a specially crafted webpage via spoofed reverse DNS lookup results. • http://www.securityfocus.com/bid/11605 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2004/ms04-039 https://exchange.xforce.ibmcloud.com/vulnerabilities/17906 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4264 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4859 •

CVSS: 10.0EPSS: 81%CPEs: 4EXPL: 2

Integer overflow in DUNZIP32.DLL for Microsoft Windows XP, Windows XP 64-bit Edition, Windows Server 2003, and Windows Server 2003 64-bit Edition allows remote attackers to execute arbitrary code via compressed (zipped) folders that involve an "unchecked buffer" and improper length validation. Desbordamiento de enteros en DUNZIP32.DLL de Microsoft Windows XP, Windows XP edición de 64 bits, Windows Server 2003, y Windows Server 2003 edición de 64 bits permite a atacantes remotos ejecutar código de su elección mediante carpetas comprimidas ("zipeadas") que envuelven un "búfer no comprobado" y una validación de longitud inapropiada. • https://www.exploit-db.com/exploits/677 https://www.exploit-db.com/exploits/640 http://marc.info/?l=ntbugtraq&m=109767342326300&w=2 http://securitytracker.com/id?1011637 http://www.ciac.org/ciac/bulletins/p-010.shtml http://www.eeye.com/html/research/advisories/AD20041012A.html http://www.kb.cert.org/vuls/id/649374 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2004/ms04-034 https://exchange.xforce.ibmcloud.com/vulnerabilities/17624 https://exchange •