This CPE summary could be partial or incomplete. Please contact us for a detailed listing.
Summary
| Summuary | |
|---|---|
| CPE Name | cpe:/o:microsoft:windows_nt:4.0:sp4:terminal_server |
| Detail | |||
|---|---|---|---|
| Vendor | Microsoft | First view | 2000-12-31 |
| Product | Windows Nt | Last view | 2008-10-20 |
| Version | 4.0 | Type | Os |
| Edition | terminal_server | ||
| Language | |||
| Update | sp4 | ||
| CPE Product | cpe:/o:microsoft:windows_nt | ||
Activity : Overall
Related : CVE
This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
| Date | Alert | Access Vector | Access Complexity | Authentication | ||
|---|---|---|---|---|---|---|
| 7.1 | 2008-10-20 | CVE-2008-4609 | Network | Medium | None Requ... | |
| 9.3 | 2006-06-13 | CVE-2006-2379 | Network | Medium | None Requ... | |
| 5 | 2006-05-09 | CVE-2006-1184 | Network | Low | None Requ... | |
| 7.5 | 2006-05-09 | CVE-2006-0034 | Network | Low | None Requ... | |
| 5.1 | 2006-04-03 | CVE-2006-1591 | Network | High | None Requ... | |
| Date | Alert | Access Vector | Access Complexity | Authentication | ||
|---|---|---|---|---|---|---|
| 9.3 | 2006-01-10 | CVE-2006-0010 | Network | Medium | None Requ... | |
| 5 | 2005-05-02 | CVE-2005-1184 | Network | Low | None Requ... | |
| 10 | 2005-05-02 | CVE-2005-0050 | Network | Low | None Requ... | |
| 7.5 | 2005-05-02 | CVE-2005-0045 | Network | Low | None Requ... | |
| 7.5 | 2005-04-27 | CVE-2005-0416 | Network | Low | None Requ... | |
| 10 | 2005-01-10 | CVE-2004-1080 | Network | Low | None Requ... | |
| 10 | 2005-01-10 | CVE-2004-0901 | Network | Low | None Requ... | |
| 10 | 2005-01-10 | CVE-2004-0900 | Network | Low | None Requ... | |
| 5 | 2005-01-10 | CVE-2004-0899 | Network | Low | None Requ... | |
| 7.2 | 2005-01-10 | CVE-2004-0893 | Local | Low | None Requ... | |
| 10 | 2005-01-10 | CVE-2004-0571 | Network | Low | None Requ... | |
| 10 | 2005-01-10 | CVE-2004-0568 | Network | Low | None Requ... | |
| 5.1 | 2004-12-31 | CVE-2004-1306 | Network | High | None Requ... | |
| 5 | 2004-12-23 | CVE-2004-1361 | Network | Low | None Requ... | |
| 5 | 2004-12-23 | CVE-2004-1305 | Network | Low | None Requ... | |
| 10 | 2004-08-06 | CVE-2004-0201 | Network | Low | None Requ... | |
| 9.3 | 2004-03-03 | CVE-2003-0825 | Network | Medium | None Requ... | |
| 7.5 | 2004-03-03 | CVE-2003-0818 | Network | Low | None Requ... | |
| 5.1 | 2003-11-17 | CVE-2003-0813 | Network | High | None Requ... |
CWE : Common Weakness Enumeration
| % | id | Name |
|---|---|---|
| 50% (3) | CWE-119 | Failure to Constrain Operations within the Bounds of a Memory Buffer |
| 33% (2) | CWE-20 | Improper Input Validation |
| 16% (1) | CWE-16 | Configuration |
CAPEC : Common Attack Pattern Enumeration & Classification
| id | Name |
|---|---|
| CAPEC-21 | Exploitation of Session Variables, Resource IDs and other Trusted Credentials |
| CAPEC-27 | Leveraging Race Conditions via Symbolic Links |
| CAPEC-29 | Leveraging Time-of-Check and Time-of-Use (TOCTOU) Race Conditions |
| CAPEC-47 | Buffer Overflow via Parameter Expansion |
| CAPEC-59 | Session Credential Falsification through Prediction |
| id | Name |
|---|---|
| CAPEC-60 | Reusing Session IDs (aka Session Replay) |
| CAPEC-75 | Manipulating Writeable Configuration Files |
| CAPEC-76 | Manipulating Input to File System Calls |
| CAPEC-89 | Pharming |
| CAPEC-111 | JSON Hijacking (aka JavaScript Hijacking) |
Oval Markup Language : Definitions
This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
| OvalID | Name |
|---|---|
| oval:org.mitre.oval:def:900 | Windows XP RPCSS DCOM Buffer Overflow (Blaster) |
| oval:org.mitre.oval:def:894 | Server 2003 RPCSS DCOM Buffer Overflow |
| oval:org.mitre.oval:def:893 | Windows 2000 RPCSS DCOM Buffer Overflow (Blaster, Test 3) |
| oval:org.mitre.oval:def:3483 | NetBT Name Service Information Access Vulnerability |
| oval:org.mitre.oval:def:268 | Windows XP Messenger Service Buffer Overflow |
| id | Name |
|---|---|
| oval:org.mitre.oval:def:213 | Windows 2000 Messenger Service Buffer Overflow |
| oval:org.mitre.oval:def:539 | MS Word 6.0 Font Conversion Vulnerability (64-bit XP) |
| oval:org.mitre.oval:def:4749 | Suppressed: Duplicate of OVAL3882 |
| oval:org.mitre.oval:def:3882 | MS Word 6.0 Font Conversion Vulnerability (32-bit XP) |
| oval:org.mitre.oval:def:4576 | MS Word 6.0 Font Conversion Vulnerability (NT Terminal Server) |
| oval:org.mitre.oval:def:4076 | Suppressed: Duplicate of OVAL1655 |
| oval:org.mitre.oval:def:1655 | MS Word 6.0 Font Conversion Vulnerability (Server 2003) |
| oval:org.mitre.oval:def:3310 | MS Word 6.0 Font Conversion Vulnerability (NT 4.0) |
| oval:org.mitre.oval:def:1241 | MS Word 6.0 Font Conversion Vulnerability (Windows 2000) |
| oval:org.mitre.oval:def:4043 | SMB Code Execution Vulnerability (Windows 2000) |
| oval:org.mitre.oval:def:1889 | SMB Code Execution Vulnerability (XP,SP1) |
| oval:org.mitre.oval:def:1847 | SMB Code Execution Vulnerability (Server 2003 / 64-bit XP) |
| oval:org.mitre.oval:def:1606 | SMB Code Execution Vulnerability (32-bit XP) |
| oval:org.mitre.oval:def:582 | MSJava Applet CODEBASE File Access Vulnerability |
| oval:org.mitre.oval:def:189 | Network Share Provider Buffer Overflow |
| oval:org.mitre.oval:def:779 | Windows XP Kernel Debugger-based Buffer Overflow (Test 2) |
| oval:org.mitre.oval:def:3145 | Windows 2000 Kernel Debugger-based Buffer Overflow |
| oval:org.mitre.oval:def:262 | Windows 2000 Kernel Debugger-based Buffer Overflow |
| oval:org.mitre.oval:def:2265 | Windows NT Terminal Server Kernel Debugger-based Buffer Overflow |
| oval:org.mitre.oval:def:2022 | Windows NT Kernel Debugger-based Buffer Overflow |
SAINT Exploits
| Description | Link |
|---|---|
| Windows RPC DCOM interface buffer overflow | More info here |
| Microsoft WINS replication service pointer corruption | More info here |
Open Source Vulnerability Database (OSVDB)
This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
| id | Description |
|---|---|
| 62144 | F5 Multiple Products TCP/IP Implementation Queue Connection Saturation TCP St... |
| 61133 | Citrix Multiple Products TCP/IP Implementation Queue Connection Saturation TC... |
| 59732 | Microsoft Windows Screensaver Domain Account Lock Verification Local Brute Fo... |
| 59482 | Blue Coat Multiple Products TCP/IP Implementation Queue Connection Saturation... |
| 58614 | McAfee Email and Web Security Appliance TCP/IP Implementation Queue Connectio... |
| id | Description |
|---|---|
| 58321 | Check Point Multiple Products TCP/IP Implementation Queue Connection Saturati... |
| 58189 | Yamaha RT Series Routers TCP/IP Implementation Queue Connection Saturation TC... |
| 57993 | Solaris TCP/IP Implementation Queue Connection Saturation TCP State Table Rem... |
| 57795 | Microsoft Windows TCP/IP Implementation Queue Connection Saturation TCP State... |
| 57794 | Multiple BSD TCP/IP Implementation Queue Connection Saturation TCP State Tabl... |
| 57793 | Multiple Linux TCP/IP Implementation Queue Connection Saturation TCP State Ta... |
| 50286 | Cisco TCP/IP Implementation Queue Connection Saturation TCP State Table Remot... |
| 26433 | Microsoft Windows TCP/IP Protocol Driver Source Routing Overflow |
| 25336 | Microsoft Windows Distributed Transaction Coordinator (DTC) BuildContextW Req... |
| 25335 | Microsoft Windows Distributed Transaction Coordinator (DTC) CRpcIoManagerServ... |
| 24802 | Microsoft Windows Help winhlp32.exe Embedded Image Processing Overflow |
| 20188 | Microsoft Windows Crafted SMB SMBnegprots Request DOS |
| 19187 | Microsoft Windows NT/2000 DNS Server Non-delegated NS Glue Record Cache Poiso... |
| 18829 | Microsoft Windows Open Type (EOT) Font Handling Remote Overflow |
| 16610 | Multiple Vendor TCP Implementation Malformed Ack Number "Keep Alive"... |
| 16430 | Microsoft Windows Animated Cursor (ANI) Capability AnimationHeaderBlock Lengt... |
| 14475 | Microsoft Windows Script Engine for Jscript JsArrayFunctionHeapSort Overflow |
| 13600 | Microsoft Windows SMB Transaction Data Overflow |
| 13599 | Microsoft Windows License Logging Service Overflow |
| 13418 | Microsoft Virtual Machine Applet Tag Malformed CODEBASE Arbitrary File Access |
ExploitDB Exploits
| id | Description |
|---|---|
| 21746 | MS Windows 2000/NT 4/XP Network Share Provider SMB Request Buffer Overflow (1) |
| 1065 | MS Windows (SMB) Transaction Response Handling Exploit (MS05-011) |
OpenVAS Exploits
| id | Description |
|---|---|
| 2010-07-08 | Name : Microsoft Windows GDI Multiple Vulnerabilities (925902) File : nvt/ms07-017.nasl |
| 2009-11-16 | Name : Microsoft RPC Interface Buffer Overrun (KB824146) File : nvt/msrpc_dcom2.nasl |
| 2009-09-10 | Name : Microsoft Windows TCP/IP Remote Code Execution Vulnerability (967723) File : nvt/secpod_ms09-048.nasl |
| 2009-03-16 | Name : Microsoft MS03-034 security check File : nvt/remote-MS03-034.nasl |
| 2005-11-03 | Name : Certificate Validation Flaw Could Enable Identity Spoofing (Q328145) File : nvt/smb_nt_ms02-050.nasl |
| id | Description |
|---|---|
| 2005-11-03 | Name : Microsoft RDP flaws could allow sniffing and DOS(Q324380) File : nvt/smb_nt_ms02-051.nasl |
| 2005-11-03 | Name : Flaw in Microsoft VM Could Allow Code Execution (810030) File : nvt/smb_nt_ms02-052.nasl |
| 2005-11-03 | Name : Unchecked Buffer in Windows Help(Q323255) File : nvt/smb_nt_ms02-055.nasl |
| 2005-11-03 | Name : Vulnerability in Authenticode Verification Could Allow Remote Code Execution ... File : nvt/smb_nt_ms03-041.nasl |
| 2005-11-03 | Name : Buffer Overflow in Windows Troubleshooter ActiveX Control (826232) File : nvt/smb_nt_ms03-042.nasl |
| 2005-11-03 | Name : Buffer Overrun in Messenger Service (828035) File : nvt/smb_nt_ms03-043.nasl |
| 2005-11-03 | Name : Buffer Overrun in the ListBox and in the ComboBox (824141) File : nvt/smb_nt_ms03-045.nasl |
| 2005-11-03 | Name : IIS FrontPage DoS II File : nvt/frontpage_overflow.nasl |
| 2005-11-03 | Name : MS RPC Services null pointer reference DoS File : nvt/msrpc-spike27.nasl |
| 2005-11-03 | Name : Microsoft RPC Interface Buffer Overrun (823980) File : nvt/msrpc_dcom.nasl |
Information Assurance Vulnerability Management (IAVM)
| id | Description |
|---|---|
| 2005-A-0001 | Multiple Vulnerabilities in Microsoft Windows Severity : Category I - VMSKEY : V0005996 |
Snort® IPS/IDS
This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
| Date | Description |
|---|---|
| 2014-01-10 | DCERPC DIRECT ISystemActivator CoGetInstanceFromFile object call attempt RuleID : 9759 - Type : NETBIOS - Revision : 7 |
| 2014-01-10 | DCERPC NCADG-IP-UDP ISystemActivator CoGetInstanceFromFile little endian obje... RuleID : 9758 - Type : NETBIOS - Revision : 7 |
| 2014-01-10 | DCERPC NCACN-IP-TCP ISystemActivator CoGetInstanceFromFile little endian obje... RuleID : 9757 - Type : NETBIOS - Revision : 7 |
| 2014-01-10 | DCERPC NCACN-IP-TCP ISystemActivator CoGetInstanceFromFile object call attempt RuleID : 9756 - Type : NETBIOS - Revision : 7 |
| 2014-01-10 | DCERPC NCACN-HTTP ISystemActivator CoGetInstanceFromFile little endian object... RuleID : 9755 - Type : NETBIOS - Revision : 7 |
| Date | Description |
|---|---|
| 2014-01-10 | DCERPC NCADG-IP-UDP ISystemActivator CoGetInstanceFromFile object call attempt RuleID : 9754 - Type : NETBIOS - Revision : 7 |
| 2014-01-10 | DCERPC NCACN-HTTP ISystemActivator CoGetInstanceFromFile object call attempt RuleID : 9753 - Type : NETBIOS - Revision : 7 |
| 2014-01-10 | DCERPC DIRECT ISystemActivator CoGetInstanceFromFile little endian object cal... RuleID : 9752 - Type : NETBIOS - Revision : 7 |
| 2014-01-10 | DCERPC DIRECT ISystemActivator CoGetInstanceFromFile attempt RuleID : 9751 - Type : NETBIOS - Revision : 7 |
| 2014-01-10 | DCERPC NCADG-IP-UDP ISystemActivator CoGetInstanceFromFile little endian attempt RuleID : 9750 - Type : NETBIOS - Revision : 7 |
| 2014-01-10 | DCERPC NCACN-IP-TCP ISystemActivator CoGetInstanceFromFile little endian attempt RuleID : 9749 - Type : NETBIOS - Revision : 7 |
| 2014-01-10 | DCERPC NCACN-IP-TCP ISystemActivator CoGetInstanceFromFile attempt RuleID : 9748 - Type : NETBIOS - Revision : 7 |
| 2014-01-10 | DCERPC NCACN-HTTP ISystemActivator CoGetInstanceFromFile little endian attempt RuleID : 9747 - Type : NETBIOS - Revision : 7 |
| 2014-01-10 | DCERPC DIRECT v4 ISystemActivator CoGetInstanceFromFile attempt RuleID : 9746 - Type : NETBIOS - Revision : 7 |
| 2014-01-10 | DCERPC NCADG-IP-UDP ISystemActivator CoGetInstanceFromFile attempt RuleID : 9745 - Type : NETBIOS - Revision : 7 |
| 2014-01-10 | DCERPC NCADG-IP-UDP v4 ISystemActivator CoGetInstanceFromFile little endian a... RuleID : 9744 - Type : NETBIOS - Revision : 7 |
| 2014-01-10 | DCERPC NCACN-HTTP v4 ISystemActivator CoGetInstanceFromFile little endian att... RuleID : 9743 - Type : NETBIOS - Revision : 5 |
| 2014-01-10 | DCERPC NCACN-IP-TCP v4 ISystemActivator CoGetInstanceFromFile little endian a... RuleID : 9742 - Type : NETBIOS - Revision : 5 |
| 2014-01-10 | DCERPC NCACN-IP-TCP v4 ISystemActivator CoGetInstanceFromFile attempt RuleID : 9741 - Type : NETBIOS - Revision : 5 |
| 2014-01-10 | DCERPC NCACN-HTTP ISystemActivator CoGetInstanceFromFile attempt RuleID : 9740 - Type : NETBIOS - Revision : 7 |
| 2014-01-10 | DCERPC DIRECT v4 ISystemActivator CoGetInstanceFromFile little endian attempt RuleID : 9739 - Type : NETBIOS - Revision : 7 |
| 2014-01-10 | DCERPC DIRECT ISystemActivator CoGetInstanceFromFile little endian attempt RuleID : 9738 - Type : NETBIOS - Revision : 7 |
| 2014-01-10 | DCERPC NCADG-IP-UDP v4 ISystemActivator CoGetInstanceFromFile attempt RuleID : 9737 - Type : NETBIOS - Revision : 7 |
| 2014-01-10 | DCERPC NCACN-HTTP v4 ISystemActivator CoGetInstanceFromFile attempt RuleID : 9736 - Type : NETBIOS - Revision : 5 |
| 2014-01-10 | SMB ISystemActivator CoGetInstanceFromFile WriteAndX unicode andx object call... RuleID : 9735 - Type : NETBIOS - Revision : 7 |
Nessus® Vulnerability Scanner
This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
| id | Description |
|---|---|
| 2014-10-10 | Name : The remote device is missing a vendor-supplied security patch. File : f5_bigip_SOL10509.nasl - Type : ACT_GATHER_INFO |
| 2010-09-01 | Name : The remote device is missing a vendor-supplied security patch. File : cisco-sa-20090908-tcp24http.nasl - Type : ACT_GATHER_INFO |
| 2009-09-08 | Name : Multiple vulnerabilities in the Windows TCP/IP implementation could lead to d... File : smb_nt_ms09-048.nasl - Type : ACT_GATHER_INFO |
| 2007-03-16 | Name : Arbitrary code can be executed on the remote host. File : smb_kb828741.nasl - Type : ACT_GATHER_INFO |
| 2006-06-13 | Name : It is possible to execute code on the remote host. File : smb_nt_ms06-032.nasl - Type : ACT_GATHER_INFO |
| id | Description |
|---|---|
| 2006-05-10 | Name : A vulnerability in MSDTC could allow remote code execution. File : smb_kb913580.nasl - Type : ACT_GATHER_INFO |
| 2006-05-09 | Name : It is possible to crash the remote MSDTC service. File : smb_nt_ms06-018.nasl - Type : ACT_GATHER_INFO |
| 2006-01-10 | Name : Arbitrary code can be executed on the remote host by sending a malformed file... File : smb_nt_ms06-002.nasl - Type : ACT_GATHER_INFO |
| 2006-01-03 | Name : Arbitrary code can be executed on the remote host through the DHCP service. File : smb_kb885249.nasl - Type : ACT_GATHER_INFO |
| 2005-02-08 | Name : Arbitrary code can be executed on the remote host. File : smb_nt_ms05-010.nasl - Type : ACT_GATHER_INFO |
| 2005-02-08 | Name : Arbitrary code can be executed on the remote host. File : smb_nt_ms05-011.nasl - Type : ACT_GATHER_INFO |
| 2005-02-03 | Name : Random portions of memory may be disclosed thru the NetBIOS name service. File : smb_nt_ms03-034.nasl - Type : ACT_GATHER_INFO |
| 2005-01-11 | Name : Arbitrary code can be executed on the remote host through the web or email cl... File : smb_nt_ms05-002.nasl - Type : ACT_GATHER_INFO |
| 2004-12-15 | Name : Arbitrary code can be executed on the remote host. File : wins_replication_overflow.nasl - Type : ACT_GATHER_INFO |
| 2004-12-14 | Name : Arbitrary code can be executed on the remote host through WordPad. File : smb_nt_ms04-041.nasl - Type : ACT_GATHER_INFO |
| 2004-12-14 | Name : Arbitrary code can be executed on the remote host via the DHCP service. File : smb_nt_ms04-042.nasl - Type : ACT_GATHER_INFO |
| 2004-12-14 | Name : Arbitrary code can be executed on the remote host through HyperTerminal. File : smb_nt_ms04-043.nasl - Type : ACT_GATHER_INFO |
| 2004-12-14 | Name : Local users can elevate their privileges on the remote host. File : smb_nt_ms04-044.nasl - Type : ACT_GATHER_INFO |
| 2004-12-14 | Name : Arbitrary code can be executed on the remote host via the WINS service. File : smb_nt_ms04-045.nasl - Type : ACT_GATHER_INFO |
| 2004-12-06 | Name : Arbitrary code can be executed on the remote host. File : wins_overflow.nasl - Type : ACT_GATHER_INFO |
| 2004-07-13 | Name : Arbitrary code can be executed on the remote host through the web client. File : smb_nt_ms04-023.nasl - Type : ACT_GATHER_INFO |
| 2004-04-13 | Name : Arbitrary code can be executed on the remote host. File : smb_nt_ms04-012.nasl - Type : ACT_GATHER_INFO |
| 2004-02-18 | Name : The remote host has multiple integer overflow vulnerabilities. File : mail_asn1_decoding.nasl - Type : ACT_GATHER_INFO |
| 2004-02-15 | Name : The remote Windows host is affected by a memory corruption vulnerability. File : http_asn1_decoding.nasl - Type : ACT_GATHER_INFO |
| 2004-02-13 | Name : Arbitrary code can be executed on the remote host. File : windows_asn1_vuln_ntlm.nasl - Type : ACT_GATHER_INFO |
