CVSS: 5.0EPSS: 29%CPEs: 28EXPL: 0CVE-2004-0202
https://notcve.org/view.php?id=CVE-2004-0202
IDirectPlay4 Application Programming Interface (API) of Microsoft DirectPlay 7.0a thru 9.0b, as used in Windows Server 2003 and earlier allows remote attackers to cause a denial of service (application crash) via a malformed packet. El interfaz de programación de aplicación (API) IDirectPlay de Microsoft DirectPlay 7.0a a 9.0b, usado en Windows Server 2003 y anteriores, permite a atacantes remotos causar una denegación de servicio (caída de aplicación) mediante un paquete malformado. • http://secunia.com/advisories/11802 http://www.osvdb.org/6742 http://www.securityfocus.com/bid/10487 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2004/ms04-016 https://exchange.xforce.ibmcloud.com/vulnerabilities/16306 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1027 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2190 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Ad •
CVSS: 10.0EPSS: 2%CPEs: 1EXPL: 0CVE-2004-0540
https://notcve.org/view.php?id=CVE-2004-0540
Microsoft Windows 2000, when running in a domain whose Fully Qualified Domain Name (FQDN) is exactly 8 characters long, does not prevent users with expired passwords from logging on to the domain. Microsoft Windows 2000, cuando corre en un dominio cuyo nombre de dominio completamente cualificado (FQDN) tiene exáctamente 8 caractéres de largo, no impide que usuarios cuya contraseña ha expirado inicien sesión en el dominio. • http://secunia.com/advisories/11746 http://support.microsoft.com/default.aspx?scid=kb%3Ben-us%3B830847 •
CVSS: 5.0EPSS: 18%CPEs: 5EXPL: 0CVE-2003-0807
https://notcve.org/view.php?id=CVE-2003-0807
Buffer overflow in the COM Internet Services and in the RPC over HTTP Proxy components for Microsoft Windows NT Server 4.0, NT 4.0 Terminal Server Edition, 2000, XP, and Server 2003 allows remote attackers to cause a denial of service via a crafted request. Desbordamiento de búfer en los componentes (1) Servicios de Internet COM y (2) Proxy RPC sobre HTTP de Microsoft Windows NT Server 4.0, NT 4.0 Terminal Server Edition, 2000, XP, y Server 2003 permite a atacantes remotos causar una denegación de servicio mediante una petición especialmente elaborada. • http://securitytracker.com/alerts/2004/Apr/1009762.html http://www.ciac.org/ciac/bulletins/o-115.shtml http://www.kb.cert.org/vuls/id/698564 http://www.securityfocus.com/bid/10123 http://www.us-cert.gov/cas/techalerts/TA04-104A.html https://docs.microsoft.com/en-us/security-updates/securitybulletins/2004/ms04-012 https://exchange.xforce.ibmcloud.com/vulnerabilities/15709 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1030 https://oval.cisec •
CVSS: 7.5EPSS: 43%CPEs: 5EXPL: 0CVE-2003-0806
https://notcve.org/view.php?id=CVE-2003-0806
Buffer overflow in the Windows logon process (winlogon) in Microsoft Windows NT 4.0 SP6a, 2000 SP2 through SP4, and XP SP1, when a member of a domain, allows remote attackers to execute arbitrary code. Desbordamiento de búfer en el proceso de inicio de sesión de Windows (winlogon) en Microsoft Windows NT 4.0 SP6a, 2000 SP2 a SP4, y XP SP1, cuando lo hace un miembro de un dominio, permite a atacantes remotos ejecutar código de su elección. • http://www.ciac.org/ciac/bulletins/o-114.shtml http://www.kb.cert.org/vuls/id/471260 http://www.securityfocus.com/bid/10126 http://www.us-cert.gov/cas/techalerts/TA04-104A.html https://docs.microsoft.com/en-us/security-updates/securitybulletins/2004/ms04-011 https://exchange.xforce.ibmcloud.com/vulnerabilities/15702 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1054 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3 •
CVSS: 7.5EPSS: 97%CPEs: 8EXPL: 3CVE-2003-0533 – Microsoft LSASS Service - DsRolerUpgradeDownlevelServer Overflow (MS04-011)
https://notcve.org/view.php?id=CVE-2003-0533
Stack-based buffer overflow in certain Active Directory service functions in LSASRV.DLL of the Local Security Authority Subsystem Service (LSASS) in Microsoft Windows NT 4.0 SP6a, 2000 SP2 through SP4, XP SP1, Server 2003, NetMeeting, Windows 98, and Windows ME, allows remote attackers to execute arbitrary code via a packet that causes the DsRolerUpgradeDownlevelServer function to create long debug entries for the DCPROMO.LOG log file, as exploited by the Sasser worm. Desbordamiento de búfer basado en la pila en ciertas funciones de servicio de Active Directory en LSASRV.DLL de Local Security Authority Subsystem Service (LSASS) en Microsoft Windows NT 4.0 SP6a, 2000 SP2 a SP4, XP SP1, Server 2003, NetMeeting, Windows 98, y Windows ME permite a atacantes remotos ejecutar código arbitrario mediante un paquete que causa que la función DsRolerUpgradeDownlevelServer cree entradas de depuración largas en el fichero DCPROMO.LOG, como las explotadas por el gusano Sasser. • https://www.exploit-db.com/exploits/16368 https://www.exploit-db.com/exploits/293 https://www.exploit-db.com/exploits/295 http://lists.grok.org.uk/pipermail/full-disclosure/2004-April/020069.html http://marc.info/?l=bugtraq&m=108325860431471&w=2 http://www.ciac.org/ciac/bulletins/o-114.shtml http://www.eeye.com/html/Research/Advisories/AD20040413C.html http://www.kb.cert.org/vuls/id/753212 http://www.securityfocus.com/bid/10108 http://www.us-cert.gov/c •