Vulnerabilities > Microsoft > Windows 2000 > Medium

DATE CVE VULNERABILITY TITLE RISK
2009-03-11 CVE-2009-0094 Unspecified vulnerability in Microsoft products
The WINS server in Microsoft Windows 2000 SP4 and Server 2003 SP1 and SP2 does not restrict registration of the (1) "wpad" and (2) "isatap" NetBIOS names, which allows remote authenticated users to hijack the Web Proxy Auto-Discovery (WPAD) and Intra-Site Automatic Tunnel Addressing Protocol (ISATAP) features, and conduct man-in-the-middle attacks by spoofing a proxy server or ISATAP route, by registering one of these names in the WINS database, aka "WPAD WINS Server Registration Vulnerability," a related issue to CVE-2007-1692.
network
low complexity
microsoft
5.5
2008-11-17 CVE-2008-5112 Information Exposure vulnerability in Microsoft Windows and Windows 2000
The LDAP server in Active Directory in Microsoft Windows 2000 SP4 and Server 2003 SP1 and SP2 responds differently to a failed bind attempt depending on whether the user account exists and is permitted to login, which allows remote attackers to enumerate valid usernames via a series of LDAP bind requests, as demonstrated by ldapuserenum.
network
low complexity
microsoft CWE-200
5.0
2008-11-12 CVE-2008-4033 Information Exposure vulnerability in Microsoft XML Core Services
Cross-domain vulnerability in Microsoft XML Core Services 3.0 through 6.0, as used in Microsoft Expression Web, Office, Internet Explorer, and other products, allows remote attackers to obtain sensitive information from another domain and corrupt the session state via HTTP request header fields, as demonstrated by the Transfer-Encoding field, aka "MSXML Header Request Vulnerability."
network
microsoft CWE-200
4.3
2008-09-11 CVE-2008-3630 Remote Forged DNS Response vulnerability in Apple Bonjour 1.0.4
mDNSResponder in Apple Bonjour for Windows before 1.0.5, when an application uses the Bonjour API for unicast DNS, does not choose random values for transaction IDs or source ports in DNS requests, which makes it easier for remote attackers to spoof DNS responses, a different vulnerability than CVE-2008-1447.
network
low complexity
apple microsoft
6.4
2008-09-11 CVE-2008-2326 Improper Input Validation vulnerability in Apple Bonjour 1.0.4
mDNSResponder in the Bonjour Namespace Provider in Apple Bonjour for Windows before 1.0.5 allows attackers to cause a denial of service (NULL pointer dereference and application crash) by resolving a crafted .local domain name that contains a long label.
network
low complexity
apple microsoft CWE-20
5.0
2008-08-27 CVE-2008-3843 Cross-Site Scripting vulnerability in Microsoft .Net Framework 1.0/1.1/2.0
Request Validation (aka the ValidateRequest filters) in ASP.NET in Microsoft .NET Framework with the MS07-040 update does not properly detect dangerous client input, which allows remote attackers to conduct cross-site scripting (XSS) attacks, as demonstrated by a query string containing a "<~/" (less-than tilde slash) sequence followed by a crafted STYLE element.
network
microsoft CWE-79
4.3
2008-08-27 CVE-2008-3842 Cross-Site Scripting vulnerability in Microsoft .Net Framework 1.0/1.1/2.0
Request Validation (aka the ValidateRequest filters) in ASP.NET in Microsoft .NET Framework without the MS07-040 update does not properly detect dangerous client input, which allows remote attackers to conduct cross-site scripting (XSS) attacks, as demonstrated by a query string containing a "</" (less-than slash) sequence.
network
microsoft CWE-79
4.3
2008-07-30 CVE-2008-3365 Path Traversal vulnerability in Pixelpost 1.7.1
Directory traversal vulnerability in index.php in Pixelpost 1.7.1 on Windows, when register_globals is enabled, allows remote attackers to include and execute arbitrary local files via a ..
6.8
2008-07-08 CVE-2008-1447 Insufficient Entropy vulnerability in ISC Bind 4/8/9.2.9
The DNS protocol, as implemented in (1) BIND 8 and 9 before 9.5.0-P1, 9.4.2-P1, and 9.3.5-P1; (2) Microsoft DNS in Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP1 and SP2; and other implementations allow remote attackers to spoof DNS traffic via a birthday attack that uses in-bailiwick referrals to conduct cache poisoning against recursive resolvers, related to insufficient randomness of DNS transaction IDs and source ports, aka "DNS Insufficient Socket Entropy Vulnerability" or "the Kaminsky bug."
network
low complexity
canonical cisco debian microsoft redhat isc CWE-331
5.0
2008-02-12 CVE-2008-0088 Improper Input Validation vulnerability in Microsoft Windows 2000, Windows 2003 Server and Windows XP
Unspecified vulnerability in Active Directory on Microsoft Windows 2000 and Windows Server 2003, and Active Directory Application Mode (ADAM) on XP and Server 2003, allows remote attackers to cause a denial of service (hang and restart) via a crafted LDAP request.
network
low complexity
microsoft CWE-20
6.8