Vulnerabilities > Microsoft > Windows 2000 > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2001-07-21 | CVE-2001-0345 | Sessions DoS vulnerability in Microsoft Windows 2000 Telnet Microsoft Windows 2000 telnet service allows attackers to prevent idle Telnet sessions from timing out, causing a denial of service by creating a large number of idle sessions. | 5.0 |
| 2001-07-21 | CVE-2001-0018 | Unspecified vulnerability in Microsoft Windows 2000 Windows 2000 domain controller in Windows 2000 Server, Advanced Server, or Datacenter Server allows remote attackers to cause a denial of service via a flood of malformed service requests. | 5.0 |
| 2001-07-07 | CVE-2001-1244 | Denial of Service vulnerability in Multiple Vendor Small TCP MSS Multiple TCP implementations could allow remote attackers to cause a denial of service (bandwidth and CPU exhaustion) by setting the maximum segment size (MSS) to a very small number and requesting large amounts of data, which generates more packets with less TCP-level data that amplify network traffic and consume more server CPU to process. | 5.0 |
| 2001-06-27 | CVE-2001-0237 | Unspecified vulnerability in Microsoft Windows 2000 Memory leak in Microsoft 2000 domain controller allows remote attackers to cause a denial of service by repeatedly connecting to the Kerberos service and then disconnecting without sending any data. | 5.0 |
| 2001-05-24 | CVE-2001-1347 | Unspecified vulnerability in Microsoft Windows 2000 Windows 2000 allows local users to cause a denial of service and possibly gain privileges by setting a hardware breakpoint that is handled using global debug registers, which could cause other processes to terminate due to an exception, and allow hijacking of resources such as named pipes. | 4.6 |
| 2001-02-16 | CVE-2001-0046 | Unspecified vulnerability in Microsoft Windows 2000 and Windows NT The default permissions for the SNMP Parameters registry key in Windows NT 4.0 allows remote attackers to read and possibly modify the SNMP community strings to obtain sensitive information or modify network configuration, aka one of the "Registry Permissions" vulnerabilities. | 4.6 |
| 2001-02-12 | CVE-2001-0014 | Unspecified vulnerability in Microsoft Windows 2000 Remote Data Protocol (RDP) in Windows 2000 Terminal Service does not properly handle certain malformed packets, which allows remote attackers to cause a denial of service, aka the "Invalid RDP Data" vulnerability. | 5.0 |
| 2001-02-12 | CVE-2001-0003 | Unspecified vulnerability in Microsoft products Web Extender Client (WEC) in Microsoft Office 2000, Windows 2000, and Windows Me does not properly process Internet Explorer security settings for NTLM authentication, which allows attackers to obtain NTLM credentials and possibly obtain the password, aka the "Web Client NTLM Authentication" vulnerability. | 5.0 |
| 2001-01-09 | CVE-2000-1111 | Unspecified vulnerability in Microsoft Windows 2000 Telnet Service for Windows 2000 Professional does not properly terminate incomplete connection attempts, which allows remote attackers to cause a denial of service by connecting to the server and not providing any input. | 5.0 |
| 2000-12-31 | CVE-2000-1227 | Unspecified vulnerability in Microsoft Windows 2000 and Windows NT Windows NT 4.0 and Windows 2000 hosts allow remote attackers to cause a denial of service (unavailable connections) by sending multiple SMB SMBnegprots requests but not reading the response that is sent back. | 5.0 |