This CPE summary could be partial or incomplete. Please contact us for a detailed listing.

Summary

Detail
Vendor Microsoft First view 2004-11-03
Product Windows Server 2003 Last view 2008-06-11
Version - Type Os
Update *  
Edition *  
Language *  
Sofware Edition *  
Target Software *  
Target Hardware x64  
Other *  
 
CPE Product cpe:2.3:o:microsoft:windows_server_2003

Activity : Overall

Related : CVE

  Date Alert Description
5.4 2008-06-11 CVE-2008-1441

Microsoft Windows XP SP2 and SP3, Server 2003 SP1 and SP2, Vista Gold and SP1, and Server 2008 allows remote attackers to cause a denial of service (system hang) via a series of Pragmatic General Multicast (PGM) packets with invalid fragment options, aka the "PGM Malformed Fragment Vulnerability."

9.3 2008-04-23 CVE-2007-6255

Buffer overflow in the Microsoft HeartbeatCtl ActiveX control in HRTBEAT.OCX allows remote attackers to execute arbitrary code via the Host argument to an unspecified method.

7.5 2005-10-13 CVE-2005-1987

Buffer overflow in Collaboration Data Objects (CDO), as used in Microsoft Windows and Microsoft Exchange Server, allows remote attackers to execute arbitrary code when CDOSYS or CDOEX processes an e-mail message with a large header name, as demonstrated using the "Content-Type" string.

10 2004-11-03 CVE-2004-0840

The SMTP (Simple Mail Transfer Protocol) component of Microsoft Windows XP 64-bit Edition, Windows Server 2003, Windows Server 2003 64-bit Edition, and the Exchange Routing Engine component of Exchange Server 2003, allows remote attackers to execute arbitrary code via a malicious DNS response message containing length values that are not properly validated.

CWE : Common Weakness Enumeration

%idName
50% (2) CWE-20 Improper Input Validation
25% (1) CWE-120 Buffer Copy without Checking Size of Input ('Classic Buffer Overflo...
25% (1) CWE-119 Failure to Constrain Operations within the Bounds of a Memory Buffer

Open Source Vulnerability Database (OSVDB)

id Description
46068 Microsoft Windows Pragmatic General Multicast (PGM) Fragment Handling Remote DoS
44652 Microsoft HeartbeatCtl HRTBEAT.OCX ActiveX Unspecified Method Host Argument O...
19905 Microsoft Collaboration Data Objects Remote Overflow
10696 Microsoft Windows/Exchange SMTP DNS Lookup Overflow

OpenVAS Exploits

id Description
2011-01-10 Name : Microsoft Pragmatic General Multicast (PGM) Denial of Service Vulnerability ...
File : nvt/gb_ms08-036.nasl
2010-04-26 Name : Microsoft SMTP Service and Exchange Routing Engine Buffer Overflow Vulnerability
File : nvt/gb_ms04_035.nasl

Information Assurance Vulnerability Management (IAVM)

id Description
2008-T-0025 Microsoft Pragmatic General Multicast (PGM) Denial of Service Vulnerabilities
Severity: Category I - VMSKEY: V0016038

Snort® IPS/IDS

Date Description
2015-02-05 Microsoft SMTP excessive answer records buffer overflow attempt
RuleID : 32959 - Type : PROTOCOL-DNS - Revision : 2
2014-01-10 Microsoft collaboration data objects buffer overflow attempt
RuleID : 17737 - Type : SERVER-MAIL - Revision : 8
2014-01-10 Microsoft Windows Pragmatic General Multicast Protocol memory consumption den...
RuleID : 17667 - Type : OS-WINDOWS - Revision : 6
2014-01-10 Microsoft PGM fragment denial of service attempt
RuleID : 13825 - Type : OS-WINDOWS - Revision : 9
2014-01-10 Microsoft HeartbeatCtl ActiveX function call unicode access
RuleID : 13761 - Type : WEB-ACTIVEX - Revision : 5
2014-01-10 Microsoft HeartbeatCtl ActiveX function call access
RuleID : 13760 - Type : BROWSER-PLUGINS - Revision : 9
2014-01-10 Microsoft HeartbeatCtl ActiveX clsid unicode access
RuleID : 13759 - Type : WEB-ACTIVEX - Revision : 5
2014-01-10 Microsoft HeartbeatCtl ActiveX clsid access
RuleID : 13758 - Type : BROWSER-PLUGINS - Revision : 10
2014-01-10 Microsoft Windows Exchange CDO long header name
RuleID : 12423 - Type : SERVER-MAIL - Revision : 7

Nessus® Vulnerability Scanner

id Description
2008-06-10 Name: An unauthenticated attacker can crash the remote host.
File: smb_nt_ms08-036.nasl - Type: ACT_GATHER_INFO
2005-10-11 Name: A flaw in the Microsoft Collaboration Data Object could allow an attacker to ...
File: smb_nt_ms05-048.nasl - Type: ACT_GATHER_INFO
2005-04-06 Name: Arbitrary code can be executed on the remote host.
File: smb_nt_ms04-035.nasl - Type: ACT_GATHER_INFO
2004-10-12 Name: The remote SMTP server is affected by a buffer overflow vulnerability.
File: mssmtp_code_execution.nasl - Type: ACT_GATHER_INFO