Summary
| Detail | |||
|---|---|---|---|
| Vendor | Microsoft | First view | 2008-04-21 |
| Product | Windows Server 2003 | Last view | 2010-02-04 |
| Version | * | Type | Os |
| Update | sp1 | ||
| Edition | * | ||
| Language | * | ||
| Sofware Edition | * | ||
| Target Software | * | ||
| Target Hardware | * | ||
| Other | * | ||
| CPE Product | cpe:2.3:o:microsoft:windows_server_2003 | ||
Activity : Overall
Related : CVE
| Date | Alert | Description | |
|---|---|---|---|
| 9.3 | 2010-02-04 | CVE-2010-0555 | Microsoft Internet Explorer 5.01 SP4, 6, 6 SP1, 7, and 8 does not prevent rendering of non-HTML local files as HTML documents, which allows remote attackers to bypass intended access restrictions and read arbitrary files via vectors involving the product's use of text/html as the default content type for files that are encountered after a redirection, aka the URLMON sniffing vulnerability, a variant of CVE-2009-1140 and related to CVE-2008-1448. |
| 7.8 | 2009-06-10 | CVE-2009-1139 | Memory leak in the LDAP service in Active Directory on Microsoft Windows 2000 SP4 and Server 2003 SP2, and Active Directory Application Mode (ADAM) on Windows XP SP2 and SP3 and Server 2003 SP2, allows remote attackers to cause a denial of service (memory consumption and service outage) via (1) LDAP or (2) LDAPS requests with unspecified OID filters, aka "Active Directory Memory Leak Vulnerability." |
| 9.3 | 2009-04-15 | CVE-2009-0550 | Windows HTTP Services (aka WinHTTP) in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP1 and SP2, Vista Gold and SP1, and Server 2008; and WinINet in Microsoft Internet Explorer 5.01 SP4, 6 SP1, 6 and 7 on Windows XP SP2 and SP3, 6 and 7 on Windows Server 2003 SP1 and SP2, 7 on Windows Vista Gold and SP1, and 7 on Windows Server 2008; allows remote web servers to capture and replay NTLM credentials, and execute arbitrary code, via vectors related to absence of a "credential-reflection protections" opt-in step, aka "Windows HTTP Services Credential Reflection Vulnerability" and "WinINet Credential Reflection Vulnerability." |
| 5.8 | 2009-04-15 | CVE-2009-0089 | Windows HTTP Services (aka WinHTTP) in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP1 and SP2, and Vista Gold allows remote web servers to impersonate arbitrary https web sites by using DNS spoofing to "forward a connection" to a different https web site that has a valid certificate matching its own domain name, but not a certificate matching the domain name of the host requested by the user, aka "Windows HTTP Services Certificate Name Mismatch Vulnerability." |
| 9.3 | 2009-04-15 | CVE-2009-0088 | The WordPerfect 6.x Converter (WPFT632.CNV, 1998.1.27.0) in Microsoft Office Word 2000 SP3 and Microsoft Office Converter Pack does not properly validate the length of an unspecified string, which allows remote attackers to execute arbitrary code via a crafted WordPerfect 6.x file, related to an unspecified counter and control structures on the stack, aka "Word 2000 WordPerfect 6.x Converter Stack Corruption Vulnerability." |
| 10 | 2009-04-15 | CVE-2009-0086 | Integer underflow in Windows HTTP Services (aka WinHTTP) in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP1 and SP2, Vista Gold and SP1, and Server 2008 allows remote HTTP servers to execute arbitrary code via crafted parameter values in a response, related to error handling, aka "Windows HTTP Services Integer Underflow Vulnerability." |
| 6.9 | 2009-04-15 | CVE-2009-0079 | The RPCSS service in Microsoft Windows XP SP2 and SP3 and Server 2003 SP1 and SP2 does not properly implement isolation among a set of distinct processes that (1) all run under the NetworkService account or (2) all run under the LocalService account, which allows local users to gain privileges by accessing the resources of one of the processes, aka "Windows RPCSS Service Isolation Vulnerability." |
| 7.2 | 2009-04-15 | CVE-2009-0078 | The Windows Management Instrumentation (WMI) provider in Microsoft Windows XP SP2 and SP3, Server 2003 SP1 and SP2, Vista Gold and SP1, and Server 2008 does not properly implement isolation among a set of distinct processes that (1) all run under the NetworkService account or (2) all run under the LocalService account, which allows local users to gain privileges by accessing the resources of one of the processes, aka "Windows WMI Service Isolation Vulnerability." |
| 6.4 | 2009-03-11 | CVE-2009-0234 | The DNS Resolver Cache Service (aka DNSCache) in Windows DNS Server in Microsoft Windows 2000 SP4, Server 2003 SP1 and SP2, and Server 2008 does not properly cache crafted DNS responses, which makes it easier for remote attackers to predict transaction IDs and poison caches by sending many crafted DNS queries that trigger "unnecessary lookups," aka "DNS Server Response Validation Vulnerability." |
| 5.8 | 2009-03-11 | CVE-2009-0233 | The DNS Resolver Cache Service (aka DNSCache) in Windows DNS Server in Microsoft Windows 2000 SP4, Server 2003 SP1 and SP2, and Server 2008, when dynamic updates are enabled, does not reuse cached DNS responses in all applicable situations, which makes it easier for remote attackers to predict transaction IDs and poison caches by simultaneously sending crafted DNS queries and responses, aka "DNS Server Query Validation Vulnerability." |
| 5.5 | 2009-03-11 | CVE-2009-0094 | The WINS server in Microsoft Windows 2000 SP4 and Server 2003 SP1 and SP2 does not restrict registration of the (1) "wpad" and (2) "isatap" NetBIOS names, which allows remote authenticated users to hijack the Web Proxy Auto-Discovery (WPAD) and Intra-Site Automatic Tunnel Addressing Protocol (ISATAP) features, and conduct man-in-the-middle attacks by spoofing a proxy server or ISATAP route, by registering one of these names in the WINS database, aka "WPAD WINS Server Registration Vulnerability," a related issue to CVE-2007-1692. |
| 3.5 | 2009-03-11 | CVE-2009-0093 | Windows DNS Server in Microsoft Windows 2000 SP4, Server 2003 SP1 and SP2, and Server 2008, when dynamic updates are enabled, does not restrict registration of the "wpad" hostname, which allows remote authenticated users to hijack the Web Proxy Auto-Discovery (WPAD) feature, and conduct man-in-the-middle attacks by spoofing a proxy server, via a Dynamic Update request for this hostname, aka "DNS Server Vulnerability in WPAD Registration Vulnerability," a related issue to CVE-2007-1692. |
| 7.1 | 2009-03-10 | CVE-2009-0085 | The Secure Channel (aka SChannel) authentication component in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP1 and SP2, Vista Gold and SP1, and Server 2008, when certificate authentication is used, does not properly validate the client's key exchange data in Transport Layer Security (TLS) handshake messages, which allows remote attackers to spoof authentication by crafting a TLS packet based on knowledge of the certificate but not the private key, aka "SChannel Spoofing Vulnerability." |
| 7.2 | 2009-03-10 | CVE-2009-0083 | The kernel in Microsoft Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP1 does not properly handle invalid pointers, which allows local users to gain privileges via an application that triggers use of a crafted pointer, aka "Windows Kernel Invalid Pointer Vulnerability." |
| 7.2 | 2009-03-10 | CVE-2009-0082 | The kernel in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP1 and SP2, Vista Gold and SP1, and Server 2008 does not properly validate handles, which allows local users to gain privileges via a crafted application that triggers unspecified "actions," aka "Windows Kernel Handle Validation Vulnerability." |
| 9.3 | 2009-03-10 | CVE-2009-0081 | The graphics device interface (GDI) implementation in the kernel in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP1 and SP2, Vista Gold and SP1, and Server 2008 does not properly validate input received from user mode, which allows remote attackers to execute arbitrary code via a crafted (1) Windows Metafile (aka WMF) or (2) Enhanced Metafile (aka EMF) image file, aka "Windows Kernel Input Validation Vulnerability." |
| 7.2 | 2009-01-21 | CVE-2009-0243 | Microsoft Windows does not properly enforce the Autorun and NoDriveTypeAutoRun registry values, which allows physically proximate attackers to execute arbitrary code by (1) inserting CD-ROM media, (2) inserting DVD media, (3) connecting a USB device, and (4) connecting a Firewire device; (5) allows user-assisted remote attackers to execute arbitrary code by mapping a network drive; and allows user-assisted attackers to execute arbitrary code by clicking on (6) an icon under My Computer\Devices with Removable Storage and (7) an option in an AutoPlay dialog, related to the Autorun.inf file. NOTE: vectors 1 and 3 on Vista are already covered by CVE-2008-0951. |
| 10 | 2009-01-14 | CVE-2008-4835 | SMB in the Server service in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP1 and SP2, Vista Gold and SP1, and Server 2008 allows remote attackers to execute arbitrary code via malformed values of unspecified "fields inside the SMB packets" in an NT Trans2 request, related to "insufficiently validating the buffer size," aka "SMB Validation Remote Code Execution Vulnerability." |
| 10 | 2009-01-14 | CVE-2008-4834 | Buffer overflow in SMB in the Server service in Microsoft Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP1 and SP2 allows remote attackers to execute arbitrary code via malformed values of unspecified "fields inside the SMB packets" in an NT Trans request, aka "SMB Buffer Overflow Remote Code Execution Vulnerability." |
| 10 | 2008-10-23 | CVE-2008-4250 | The Server service in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP1 and SP2, Vista Gold and SP1, Server 2008, and 7 Pre-Beta allows remote attackers to execute arbitrary code via a crafted RPC request that triggers the overflow during path canonicalization, as exploited in the wild by Gimmiv.A in October 2008, aka "Server Service Vulnerability." |
| 10 | 2008-10-14 | CVE-2008-4038 | Buffer underflow in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP1 and SP2, Vista Gold and SP1, and Server 2008 allows remote attackers to execute arbitrary code via a Server Message Block (SMB) request that contains a filename with a crafted length, aka "SMB Buffer Underflow Vulnerability." |
| 7.2 | 2008-10-14 | CVE-2008-4036 | Integer overflow in Memory Manager in Microsoft Windows XP SP2 and SP3, Server 2003 SP1 and SP2, Vista Gold and SP1, and Server 2008 allows local users to gain privileges via a crafted application that triggers an erroneous decrement of a variable, related to validation of parameters for Virtual Address Descriptors (VADs) and a "memory allocation mapping error," aka "Virtual Address Descriptor Elevation of Privilege Vulnerability." |
| 7.2 | 2008-10-14 | CVE-2008-2251 | Double free vulnerability in the kernel in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP1 and SP2, Vista Gold and SP1, and Server 2008 allows local users to gain privileges via a crafted application that makes system calls within multiple threads, aka "Windows Kernel Unhandled Exception Vulnerability." NOTE: according to Microsoft, this is not a duplicate of CVE-2008-4510. |
| 7.2 | 2008-10-14 | CVE-2008-2250 | The kernel in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP1 and SP2, Vista Gold and SP1, and Server 2008 does not properly validate window properties sent from a parent window to a child window during creation of a new window, which allows local users to gain privileges via a crafted application, aka "Windows Kernel Window Creation Vulnerability." |
| 7.1 | 2008-09-16 | CVE-2008-4114 | srv.sys in the Server service in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP1 and SP2, Vista Gold and SP1, and Server 2008 allows remote attackers to cause a denial of service (system crash) or possibly have unspecified other impact via an SMB WRITE_ANDX packet with an offset that is inconsistent with the packet size, related to "insufficiently validating the buffer size," as demonstrated by a request to the \PIPE\lsarpc named pipe, aka "SMB Validation Denial of Service Vulnerability." |
CWE : Common Weakness Enumeration
| % | id | Name |
|---|---|---|
| 34% (8) | CWE-20 | Improper Input Validation |
| 17% (4) | CWE-264 | Permissions, Privileges, and Access Controls |
| 13% (3) | CWE-399 | Resource Management Errors |
| 8% (2) | CWE-189 | Numeric Errors |
| 8% (2) | CWE-119 | Failure to Constrain Operations within the Bounds of a Memory Buffer |
| 8% (2) | CWE-94 | Failure to Control Generation of Code ('Code Injection') |
| 4% (1) | CWE-287 | Improper Authentication |
| 4% (1) | CWE-16 | Configuration |
CAPEC : Common Attack Pattern Enumeration & Classification
| id | Name |
|---|---|
| CAPEC-3 | Using Leading 'Ghost' Character Sequences to Bypass Input Filters |
| CAPEC-7 | Blind SQL Injection |
| CAPEC-8 | Buffer Overflow in an API Call |
| CAPEC-9 | Buffer Overflow in Local Command-Line Utilities |
| CAPEC-10 | Buffer Overflow via Environment Variables |
| CAPEC-13 | Subverting Environment Variable Values |
| CAPEC-14 | Client-side Injection-induced Buffer Overflow |
| CAPEC-18 | Embedding Scripts in Nonscript Elements |
| CAPEC-22 | Exploiting Trust in Client (aka Make the Client Invisible) |
| CAPEC-24 | Filter Failure through Buffer Overflow |
| CAPEC-28 | Fuzzing |
| CAPEC-31 | Accessing/Intercepting/Modifying HTTP Cookies |
| CAPEC-32 | Embedding Scripts in HTTP Query Strings |
| CAPEC-42 | MIME Conversion |
| CAPEC-43 | Exploiting Multiple Input Interpretation Layers |
| CAPEC-45 | Buffer Overflow via Symbolic Links |
| CAPEC-46 | Overflow Variables and Tags |
| CAPEC-47 | Buffer Overflow via Parameter Expansion |
| CAPEC-52 | Embedding NULL Bytes |
| CAPEC-53 | Postfix, Null Terminate, and Backslash |
| CAPEC-63 | Simple Script Injection |
| CAPEC-64 | Using Slashes and URL Encoding Combined to Bypass Validation Logic |
| CAPEC-66 | SQL Injection |
| CAPEC-67 | String Format Overflow in syslog() |
| CAPEC-71 | Using Unicode Encoding to Bypass Validation Logic |
SAINT Exploits
| Description | Link |
|---|---|
| Windows Server Service buffer overflow MS08-067 | More info here |
| Internet Explorer WinINet credential reflection vulnerability | More info here |
Open Source Vulnerability Database (OSVDB)
| id | Description |
|---|---|
| 62157 | Microsoft IE text/html Content Type URLMON Sniffing Arbitrary File Access |
| 56513 | Microsoft Windows Autorun / NoDriveTypeAutoRun Registry Value Enforcement Wea... |
| 54938 | Microsoft Windows Active Directory Crafted LDAP(S) Request Handling Remote DoS |
| 53667 | Microsoft Windows RPCSS Service Isolation Local Privilege Escalation |
| 53666 | Microsoft Windows Management Instrumentation (WMI) Service Isolation Local Pr... |
| 53663 | Microsoft Office Word 2000 WordPerfect 6.x Converter Document Handling Stack ... |
| 53621 | Microsoft Windows HTTP Services Digital Certificate Distinguished Name Mismat... |
| 53620 | Microsoft Windows HTTP Services Web Server Response Unspecified Integer Under... |
| 53619 | Microsoft Windows HTTP Services NTLM Credential Replay Privileged Code Execution |
| 52692 | Microsoft SMB NT Trans2 Request Parsing Unspecified Remote Code Execution |
| 52691 | Microsoft SMB NT Trans Request Parsing Overflow Remote Code Execution |
| 52524 | Microsoft Windows Invalid Pointer Local Privilege Escalation |
| 52523 | Microsoft Windows Handle Validation Local Privilege Escalation |
| 52522 | Microsoft Windows GDI Kernel Component Unspecified Remote Code Execution |
| 52521 | Microsoft Windows SChannel Certificate Based Authentication Spoofing Bypass |
| 52520 | Microsoft Windows WPAD WINS Server Registration Web Proxy MiTM Weakness |
| 52519 | Microsoft Windows DNS Server WPAD Registration Dynamic Update MiTM Weakness |
| 52518 | Microsoft Windows DNS Server Response Response Validation Transaction ID Pred... |
| 52517 | Microsoft Windows DNS Server Query Validation Spoofing |
| 49243 | Microsoft Windows Server Service Crafted RPC Request Handling Unspecified Rem... |
| 49057 | Microsoft Windows SMB File Name Handling Remote Underflow |
| 49055 | Microsoft Windows Kernel New Window Creation Process Arbitrary Code Execution |
| 49054 | Microsoft Windows Kernel Double-free Unspecified Local Privilege Escalation |
| 49053 | Microsoft Windows Virtual Address Descriptors (VAD) Local Privilege Escalation |
| 48153 | Microsoft Windows srv.sys WRITE_ANDX SMB Packet Handling Remote DoS |
OpenVAS Exploits
| id | Description |
|---|---|
| 2010-03-18 | Name : Vulnerabilities in SMB Could Allow Remote Code Execution (958687) - Remote File : nvt/secpod_ms09-001_remote.nasl |
| 2009-06-11 | Name : Microsoft Active Directory LDAP Remote Code Execution Vulnerability (969805) File : nvt/secpod_ms09-018.nasl |
| 2009-04-17 | Name : Conficker Detection File : nvt/conficker.nasl |
| 2009-04-15 | Name : Microsoft Internet Explorer Remote Code Execution Vulnerability (963027) File : nvt/secpod_ms09-014.nasl |
| 2009-04-15 | Name : Windows HTTP Services Could Allow Remote Code Execution Vulnerabilities (960803) File : nvt/secpod_ms09-013.nasl |
| 2009-04-15 | Name : Vulnerabilities in Windows Could Allow Elevation of Privilege (959454) File : nvt/secpod_ms09-012.nasl |
| 2009-03-11 | Name : Vulnerabilities in DNS and WINS Server Could Allow Spoofing (962238) File : nvt/secpod_ms09-008.nasl |
| 2009-03-11 | Name : Vulnerabilities in Windows Kernel Could Allow Remote Code Execution (958690) File : nvt/secpod_ms09-006.nasl |
| 2009-03-11 | Name : Vulnerability in SChannel Could Allow Spoofing (960225) File : nvt/secpod_ms09-007.nasl |
| 2009-02-02 | Name : Microsoft Autorun Arbitrary Code Execution Vulnerability (08-038) File : nvt/secpod_ms08-038.nasl |
| 2009-01-14 | Name : Vulnerabilities in SMB Could Allow Remote Code Execution (958687) File : nvt/secpod_ms09-001.nasl |
| 2008-12-12 | Name : WordPad and Office Text Converter Memory Corruption Vulnerability (960477) File : nvt/secpod_ms_wordpad_mult_vuln.nasl |
| 2008-10-30 | Name : Vulnerability in Server Service Could Allow Remote Code Execution (958644) File : nvt/secpod_ms08-067_900056.nasl |
| 2008-10-24 | Name : Server Service Could Allow Remote Code Execution Vulnerability (958644) File : nvt/secpod_ms08-067_900055.nasl |
| 2008-10-15 | Name : Virtual Address Descriptor Manipulation Elevation of Privilege Vulnerability ... File : nvt/secpod_ms08-064_900225.nasl |
| 2008-10-15 | Name : SMB Remote Code Execution Vulnerability (957095) File : nvt/secpod_ms08-063_900053.nasl |
| 2008-10-15 | Name : Windows Kernel Elevation of Privilege Vulnerability (954211) File : nvt/secpod_ms08-061_900051.nasl |
| 2008-08-22 | Name : Vulnerabilities in DNS Could Allow Spoofing (953230) File : nvt/secpod_ms08-037_900005.nasl |
Information Assurance Vulnerability Management (IAVM)
| id | Description |
|---|---|
| 2009-A-0034 | Microsoft Windows HTTP Services Remote Code Execution Vulnerability Severity: Category I - VMSKEY: V0018756 |
| 2009-A-0032 | Multiple Vulnerabilities in WordPad and Office Text Converters Severity: Category I - VMSKEY: V0018752 |
| 2009-A-0019 | Microsoft Windows Secure Channel Vulnerability Severity: Category II - VMSKEY: V0018549 |
| 2009-A-0018 | Multiple Vulnerabilities in Windows DNS and WINS Servers Severity: Category I - VMSKEY: V0018553 |
| 2008-A-0081 | Microsoft Server Service Remote Code Execution Vulnerability Severity: Category I - VMSKEY: V0017870 |
Snort® IPS/IDS
| Date | Description |
|---|---|
| 2019-09-05 | Microsoft Windows GDI EMF parsing arbitrary code execution attempt RuleID : 50885 - Type : FILE-OTHER - Revision : 1 |
| 2019-09-05 | Microsoft Windows GDI EMF parsing arbitrary code execution attempt RuleID : 50884 - Type : FILE-OTHER - Revision : 1 |
| 2014-06-19 | Microsoft Office Word WordPerfect converter buffer overflow attempt RuleID : 31032 - Type : FILE-OFFICE - Revision : 2 |
| 2014-06-19 | Microsoft Office Word WordPerfect converter buffer overflow attempt RuleID : 31031 - Type : FILE-OFFICE - Revision : 2 |
| 2014-01-10 | Microsoft Windows SMB Trans2 Find_First2 filename overflow attempt RuleID : 21529 - Type : OS-WINDOWS - Revision : 9 |
| 2014-01-10 | Microsoft Windows wpad dynamic update request RuleID : 17731 - Type : OS-WINDOWS - Revision : 10 |
| 2014-01-10 | possible SMB replay attempt - overlapping encryption keys detected RuleID : 17723 - Type : OS-WINDOWS - Revision : 12 |
| 2014-01-10 | Microsoft Windows DNS Server ANY query cache weakness RuleID : 17696 - Type : PROTOCOL-DNS - Revision : 9 |
| 2014-01-10 | Microsoft Windows IIS SChannel improper certificate verification RuleID : 17431 - Type : SERVER-IIS - Revision : 12 |
| 2014-01-10 | Microsoft Internet Explorer 7/8 execute local file in Internet zone redirect ... RuleID : 16423 - Type : BROWSER-IE - Revision : 14 |
| 2014-01-10 | Telnet-based NTLM replay attack attempt RuleID : 15847 - Type : OS-WINDOWS - Revision : 14 |
| 2014-01-10 | Active Directory invalid OID denial of service attempt RuleID : 15522 - Type : SERVER-OTHER - Revision : 8 |
| 2014-01-10 | IIS ASP/ASP.NET potentially malicious file upload attempt RuleID : 15470 - Type : FILE-EXECUTABLE - Revision : 8 |
| 2014-01-10 | Microsoft Office WordPad WordPerfect 6.x converter buffer overflow attempt RuleID : 15466 - Type : FILE-OFFICE - Revision : 13 |
| 2014-01-10 | Multiple web browsers HTTP chunked transfer-encoding memory corruption attempt RuleID : 15462 - Type : BROWSER-OTHER - Revision : 20 |
| 2014-01-10 | WinHTTP SSL/TLS impersonation attempt RuleID : 15456 - Type : SERVER-OTHER - Revision : 6 |
| 2014-01-10 | SMB replay attempt via NTLMSSP - overlapping encryption keys detected RuleID : 15453 - Type : OS-WINDOWS - Revision : 16 |
| 2014-01-10 | udp WINS WPAD registration attempt RuleID : 15387 - Type : OS-WINDOWS - Revision : 13 |
| 2014-01-10 | Microsoft Windows wpad dynamic update request RuleID : 15386 - Type : OS-WINDOWS - Revision : 10 |
| 2014-01-10 | Microsoft Internet Explorer EMF polyline overflow attempt RuleID : 15300 - Type : BROWSER-IE - Revision : 9 |
| 2014-01-10 | Microsoft Windows SMB Trans2 OPEN2 unicode andx param_count underflow attempt RuleID : 15227 - Type : OS-WINDOWS - Revision : 11 |
| 2014-01-10 | Microsoft Windows SMB Trans2 OPEN2 andx param_count underflow attempt RuleID : 15226 - Type : OS-WINDOWS - Revision : 11 |
| 2014-01-10 | Microsoft Windows SMB Trans2 OPEN2 andx param_count underflow attempt RuleID : 15225 - Type : OS-WINDOWS - Revision : 13 |
| 2014-01-10 | Microsoft Windows SMB Trans2 OPEN2 unicode andx param_count underflow attempt RuleID : 15224 - Type : OS-WINDOWS - Revision : 13 |
| 2014-01-10 | Microsoft Windows SMB Trans2 OPEN2 unicode param_count underflow attempt RuleID : 15223 - Type : OS-WINDOWS - Revision : 11 |
Nessus® Vulnerability Scanner
| id | Description |
|---|---|
| 2014-03-05 | Name: The DNS server running on the remote host is vulnerable to DNS spoofing attacks. File: ms_dns_kb961063.nasl - Type: ACT_GATHER_INFO |
| 2014-03-05 | Name: The DNS server running on the remote host is vulnerable to DNS spoofing attacks. File: ms_dns_kb951746.nasl - Type: ACT_GATHER_INFO |
| 2009-06-10 | Name: Arbitrary code can be executed on the remote host through Microsoft Active Di... File: smb_nt_ms09-018.nasl - Type: ACT_GATHER_INFO |
| 2009-04-15 | Name: Arbitrary code can be executed on the remote host through a web browser. File: smb_nt_ms09-014.nasl - Type: ACT_GATHER_INFO |
| 2009-04-15 | Name: The remote host contains an API that is affected by multiple vulnerabilities. File: smb_nt_ms09-013.nasl - Type: ACT_GATHER_INFO |
| 2009-04-15 | Name: A local user can elevate his privileges on the remote host. File: smb_nt_ms09-012.nasl - Type: ACT_GATHER_INFO |
| 2009-04-15 | Name: It is possible to execute arbitrary code on the remote Windows host using a t... File: smb_nt_ms09-010.nasl - Type: ACT_GATHER_INFO |
| 2009-03-11 | Name: It may be possible to spoof user identities. File: smb_nt_ms09-007.nasl - Type: ACT_GATHER_INFO |
| 2009-03-11 | Name: The remote host is vulnerable to DNS and/or WINS spoofing attacks. File: smb_nt_ms09-008.nasl - Type: ACT_GATHER_INFO |
| 2009-03-11 | Name: It is possible to execute arbitrary code on the remote host. File: smb_nt_ms09-006.nasl - Type: ACT_GATHER_INFO |
| 2009-01-13 | Name: It may be possible to execute arbitrary code on the remote host due to a flaw... File: smb_nt_ms09-001.nasl - Type: ACT_GATHER_INFO |
| 2008-10-23 | Name: The remote Windows host is affected by a remote code execution vulnerability. File: smb_kb958644.nasl - Type: ACT_GATHER_INFO |
| 2008-10-23 | Name: The remote Windows host is affected by a remote code execution vulnerability. File: smb_nt_ms08-067.nasl - Type: ACT_GATHER_INFO |
| 2008-10-15 | Name: A local user can elevate privileges on the remote host. File: smb_nt_ms08-064.nasl - Type: ACT_GATHER_INFO |
| 2008-10-15 | Name: It is possible to crash the remote host due to a flaw in the 'server' service. File: smb_nt_ms08-063.nasl - Type: ACT_GATHER_INFO |
| 2008-10-15 | Name: A local user can elevate his privileges on the remote host. File: smb_nt_ms08-061.nasl - Type: ACT_GATHER_INFO |
| 2008-07-08 | Name: The remote host is vulnerable to DNS spoofing attacks. File: smb_nt_ms08-037.nasl - Type: ACT_GATHER_INFO |
