Vulnerabilities > Microsoft > Windows 2000 > High

DATE CVE VULNERABILITY TITLE RISK
2000-12-19 CVE-2000-0885 Unspecified vulnerability in Microsoft Systems Management Server, Windows 2000 and Windows NT
Buffer overflows in Microsoft Network Monitor (Netmon) allow remote attackers to execute arbitrary commands via a long Browser Name in a CIFS Browse Frame, a long SNMP community name, or a long username or filename in an SMB session, aka the "Netmon Protocol Parsing" vulnerability.
network
low complexity
microsoft
7.5
2000-11-14 CVE-2000-0834 Unspecified vulnerability in Microsoft Windows 2000
The Windows 2000 telnet client attempts to perform NTLM authentication by default, which allows remote attackers to capture and replay the NTLM challenge/response via a telnet:// URL that points to the malicious server, aka the "Windows 2000 Telnet Client NTLM Authentication" vulnerability.
network
low complexity
microsoft
7.5
2000-08-29 CVE-2000-1079 Unspecified vulnerability in Microsoft products
Interactions between the CIFS Browser Protocol and NetBIOS as implemented in Microsoft Windows 95, 98, NT, and 2000 allow remote attackers to modify dynamic NetBIOS name cache entries via a spoofed Browse Frame Request in a unicast or UDP broadcast datagram.
network
low complexity
microsoft
7.5
2000-05-19 CVE-2000-0305 Resource Management Errors vulnerability in multiple products
Windows 95, Windows 98, Windows 2000, Windows NT 4.0, and Terminal Server systems allow a remote attacker to cause a denial of service by sending a large number of identical fragmented IP packets, aka jolt2 or the "IP Fragment Reassembly" vulnerability.
network
low complexity
be microsoft CWE-399
7.8
2000-05-11 CVE-2000-0420 Unspecified vulnerability in Microsoft Windows 2000
The default configuration of SYSKEY in Windows 2000 stores the startup key in the registry, which could allow an attacker tor ecover it and use it to decrypt Encrypted File System (EFS) data.
local
low complexity
microsoft
7.2
2000-04-07 CVE-2000-0298 Unspecified vulnerability in Microsoft Windows 2000
The unattended installation of Windows 2000 with the OEMPreinstall option sets insecure permissions for the All Users and Default Users directories.
local
low complexity
microsoft
7.2
1999-01-05 CVE-1999-0391 Unspecified vulnerability in Microsoft Terminal Server, Windows 2000 and Windows NT
The cryptographic challenge of SMB authentication in Windows 95 and Windows 98 can be reused, allowing an attacker to replay the response and impersonate a user.
network
low complexity
microsoft
7.5
1998-10-01 CVE-1999-0506 Unspecified vulnerability in Microsoft Windows 2000 and Windows NT
A Windows NT domain user or administrator account has a default, null, blank, or missing password.
local
low complexity
microsoft
7.2
1998-10-01 CVE-1999-0505 Unspecified vulnerability in Microsoft Windows 2000 and Windows NT
A Windows NT domain user or administrator account has a guessable password.
local
low complexity
microsoft
7.2
1997-01-01 CVE-1999-0562 Unspecified vulnerability in Microsoft Windows 2000 and Windows NT
The registry in Windows NT can be accessed remotely by users who are not administrators.
network
low complexity
microsoft
7.5