Summary
Detail | | | |
---|---|---|---|
Vendor | Microsoft | First view | 1995-01-01 |
Product | Windows NT | Last view | 2010-01-21 |
Version | | Type | |
Update | | | |
Edition | | | |
Language | | | |
Software Edition | | | |
Target Software | | | |
Target Hardware | | | |
Other | | | |
Activity : Overall
COMMON PLATFORM ENUMERATION: Repartition per Version
Related : CVE
CVSS | Date | Alert | Description |
---|---|---|---|
7.2 | 2010-01-21 | CVE-2010-0232 | The kernel in Microsoft Windows NT 3.1 through Windows 7, including Windows 2000 SP4, Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista Gold, SP1, and SP2, and Windows Server 2008 Gold and SP2, when access to 16-bit applications is enabled on a 32-bit x86 platform, does not properly validate certain BIOS calls, which allows local users to gain privileges by crafting a VDM_TIB data structure in the Thread Environment Block (TEB), and then calling the NtVdmControl function to start the Windows Virtual DOS Machine (aka NTVDM) subsystem, leading to improperly handled exceptions involving the #GP trap handler (nt!KiTrap0D), aka "Windows Kernel Exception Handler Vulnerability." |
9.3 | 2008-11-25 | CVE-2008-5232 | Buffer overflow in the CallHTMLHelp method in the Microsoft Windows Media Services ActiveX control in nskey.dll 4.1.00.3917 in Windows Media Services on Microsoft Windows NT and 2000, and Avaya Media and Message Application servers, allows remote attackers to execute arbitrary code via a long argument. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. |
9.3 | 2007-11-19 | CVE-2007-6026 | Stack-based buffer overflow in Microsoft msjet40.dll 4.0.8618.0 (aka Microsoft Jet Engine), as used by Access 2003 in Microsoft Office 2003 SP3, allows user-assisted attackers to execute arbitrary code via a crafted MDB file database file containing a column structure with a modified column count. NOTE: this might be the same issue as CVE-2005-0944. |
6.9 | 2007-04-11 | CVE-2007-1973 | Race condition in the Virtual DOS Machine (VDM) in the Windows Kernel in Microsoft Windows NT 4.0 allows local users to modify memory and gain privileges via the temporary \Device\PhysicalMemory section handle, a related issue to CVE-2007-1206. |
6.8 | 2007-04-10 | CVE-2007-1912 | Heap-based buffer overflow in Microsoft Windows allows user-assisted remote attackers to have an unknown impact via a crafted .HLP file. |
9.3 | 2006-06-13 | CVE-2006-2379 | Buffer overflow in the TCP/IP Protocol driver in Microsoft Windows 2000 SP4, XP SP1 and SP2, and Server 2003 SP1 and earlier allows remote attackers to execute arbitrary code via unknown vectors related to IP source routing. |
5 | 2006-05-09 | CVE-2006-1184 | Microsoft Distributed Transaction Coordinator (MSDTC) for Windows NT 4.0, 2000 SP4, XP SP1 and SP2, and Server 2003 allows remote attackers to cause a denial of service (crash) via a BuildContextW request with a large (1) UuidString or (2) GuidIn of a certain length, which causes an out-of-range memory access, aka the MSDTC Denial of Service Vulnerability. NOTE: this is a variant of CVE-2005-2119. |
7.5 | 2006-05-09 | CVE-2006-0034 | Heap-based buffer overflow in the CRpcIoManagerServer::BuildContext function in msdtcprx.dll for Microsoft Distributed Transaction Coordinator (MSDTC) for Windows NT 4.0 and Windows 2000 SP2 and SP3 allows remote attackers to execute arbitrary code via a long fifth argument to the BuildContextW or BuildContext opcode, which triggers a bug in the NdrAllocate function, aka the MSDTC Invalid Memory Access Vulnerability. |
5.1 | 2006-04-03 | CVE-2006-1591 | Heap-based buffer overflow in Microsoft Windows Help winhlp32.exe allows user-assisted attackers to execute arbitrary code via crafted embedded image data in a .hlp file. |
7.8 | 2006-03-03 | CVE-2006-0988 | The default configuration of the DNS Server service on Windows Server 2003 and Windows 2000, and the Microsoft DNS Server service on Windows NT 4.0, allows recursive queries and provides additional delegation information to arbitrary IP addresses, which allows remote attackers to cause a denial of service (traffic amplification) via DNS queries with spoofed source IP addresses. |
9.3 | 2006-01-10 | CVE-2006-0010 | Heap-based buffer overflow in T2EMBED.DLL in Microsoft Windows 2000 SP4, XP SP1 and SP2, and Server 2003 up to SP1, Windows 98, and Windows ME allows remote attackers to execute arbitrary code via an e-mail message or web page with a crafted Embedded Open Type (EOT) web font that triggers the overflow during decompression. |
5 | 2005-12-31 | CVE-2005-4717 | Microsoft Internet Explorer 6.0 on Windows NT 4.0 SP6a, Windows 2000 SP4, Windows XP SP1, Windows XP SP2, and Windows Server 2003 SP1 allows remote attackers to cause a denial of service (client crash) via a certain combination of a malformed HTML file and a CSS file that triggers a null dereference, probably related to rendering of a DIV element that contains a malformed IMG tag, as demonstrated by IEcrash.htm and IEcrash.rar. |
7.2 | 2005-12-13 | CVE-2005-2827 | The thread termination routine in the kernel for Windows NT 4.0 and 2000 (NTOSKRNL.EXE) allows local users to modify kernel memory and execution flow via steps in which a terminating thread causes Asynchronous Procedure Call (APC) entries to free the wrong data, aka the "Windows Kernel Vulnerability." |
5 | 2005-07-11 | CVE-2005-2150 | Windows NT 4.0 and Windows 2000 before URP1 for Windows 2000 SP4 does not properly prevent NULL sessions from accessing certain alternate named pipes, which allows remote attackers to (1) list Windows services via svcctl or (2) read eventlogs via eventlog. |
7.5 | 2005-06-13 | CVE-2005-1935 | Heap-based buffer overflow in the BERDecBitString function in Microsoft ASN.1 library (MSASN1.DLL) allows remote attackers to execute arbitrary code via nested constructed bit strings, which leads to a realloc of a non-null pointer and causes the function to overwrite previously freed memory, as demonstrated using a SPNEGO token with a constructed bit string during HTTP authentication, and a different vulnerability than CVE-2003-0818. NOTE: the researcher has claimed that MS:MS04-007 fixes this issue. |
5 | 2005-05-02 | CVE-2005-1184 | The TCP/IP stack in multiple operating systems allows remote attackers to cause a denial of service (CPU consumption) via a TCP packet with the correct sequence number but the wrong Acknowledgement number, which generates a large number of "keep alive" packets. NOTE: some followups indicate that this issue could not be replicated. |
10 | 2005-05-02 | CVE-2005-0050 | The License Logging service for Windows NT Server, Windows 2000 Server, and Windows Server 2003 does not properly validate the length of messages, which leads to an "unchecked buffer" and allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code, aka the "License Logging Service Vulnerability." |
7.5 | 2005-05-02 | CVE-2005-0045 | The Server Message Block (SMB) implementation for Windows NT 4.0, 2000, XP, and Server 2003 does not properly validate certain SMB packets, which allows remote attackers to execute arbitrary code via Transaction responses containing (1) Trans or (2) Trans2 commands, aka the "Server Message Block Vulnerability," and as demonstrated using Trans2 FIND_FIRST2 responses with large file name length fields. |
7.5 | 2005-04-27 | CVE-2005-0416 | The Windows Animated Cursor (ANI) capability in Windows NT, Windows 2000 through SP4, Windows XP through SP1, and Windows 2003 allows remote attackers to execute arbitrary code via the AnimationHeaderBlock length field, which leads to a stack-based buffer overflow. |
10 | 2005-01-10 | CVE-2004-1080 | The WINS service (wins.exe) on Microsoft Windows NT Server 4.0, Windows 2000 Server, and Windows Server 2003 allows remote attackers to write to arbitrary memory locations and possibly execute arbitrary code via a modified memory pointer in a WINS replication packet to TCP port 42, aka the "Association Context Vulnerability." |
10 | 2005-01-10 | CVE-2004-0901 | Microsoft Word for Windows 6.0 Converter (MSWRD632.WPC), as used in WordPad, does not properly validate certain data lengths, which allows remote attackers to execute arbitrary code via a .wri, .rtf, and .doc file sent by email or malicious web site, aka "Font Conversion Vulnerability," a different vulnerability than CVE-2004-0571. |
10 | 2005-01-10 | CVE-2004-0900 | The DHCP Server service for Microsoft Windows NT 4.0 Server and Terminal Server Edition does not properly validate the length of certain messages, which allows remote attackers to execute arbitrary code via a malformed DHCP message, aka the "DHCP Request Vulnerability." |
5 | 2005-01-10 | CVE-2004-0899 | The DHCP Server service for Microsoft Windows NT 4.0 Server and Terminal Server Edition, with DHCP logging enabled, does not properly validate the length of certain messages, which allows remote attackers to cause a denial of service (application crash) via a malformed DHCP message, aka "Logging Vulnerability." |
7.2 | 2005-01-10 | CVE-2004-0893 | The Local Procedure Call (LPC) interface of the Windows Kernel for Windows NT 4.0, Windows 2000, Windows XP, and Windows Server 2003 does not properly validate the lengths of messages sent to the LPC port, which allows local users to gain privileges, aka "Windows Kernel Vulnerability." |
10 | 2005-01-10 | CVE-2004-0571 | Microsoft Word for Windows 6.0 Converter does not properly validate certain data lengths, which allows remote attackers to execute arbitrary code via a .wri, .rtf, and .doc file sent by email or malicious web site, aka "Table Conversion Vulnerability," a different vulnerability than CVE-2004-0901. |
CWE : Common Weakness Enumeration
% | id | Name |
---|---|---|
24% (12) | CWE-119 | Failure to Constrain Operations within the Bounds of a Memory Buffer |
16% (8) | CWE-264 | Permissions, Privileges, and Access Controls |
14% (7) | CWE-20 | Improper Input Validation |
4% (2) | CWE-787 | Out-of-bounds Write |
4% (2) | CWE-346 | Origin Validation Error |
4% (2) | CWE-287 | Improper Authentication |
4% (2) | CWE-255 | Credentials Management |
4% (2) | CWE-16 | Configuration |
2% (1) | CWE-772 | Missing Release of Resource after Effective Lifetime |
2% (1) | CWE-732 | Incorrect Permission Assignment for Critical Resource |
2% (1) | CWE-415 | Double Free |
2% (1) | CWE-401 | Failure to Release Memory Before Removing Last Reference ('Memory L... |
2% (1) | CWE-399 | Resource Management Errors |
2% (1) | CWE-367 | Time-of-check Time-of-use (TOCTOU) Race Condition |
2% (1) | CWE-295 | Certificate Issues |
2% (1) | CWE-200 | Information Exposure |
2% (1) | CWE-190 | Integer Overflow or Wraparound |
2% (1) | CWE-94 | Failure to Control Generation of Code ('Code Injection') |
2% (1) | CWE-59 | Improper Link Resolution Before File Access ('Link Following') |
2% (1) | CWE-19 | Data Handling |
2% (1) | CWE-17 | Code |
CAPEC : Common Attack Pattern Enumeration & Classification
id | Name |
---|---|
CAPEC-1 | Accessing Functionality Not Properly Constrained by ACLs |
CAPEC-10 | Buffer Overflow via Environment Variables |
CAPEC-11 | Cause Web Server Misclassification |
CAPEC-13 | Subverting Environment Variable Values |
CAPEC-17 | Accessing, Modifying or Executing Executable Files |
CAPEC-21 | Exploitation of Session Variables, Resource IDs and other Trusted Credentials |
CAPEC-27 | Leveraging Race Conditions via Symbolic Links |
CAPEC-29 | Leveraging Time-of-Check and Time-of-Use (TOCTOU) Race Conditions |
CAPEC-31 | Accessing/Intercepting/Modifying HTTP Cookies |
CAPEC-39 | Manipulating Opaque Client-based Data Tokens |
CAPEC-45 | Buffer Overflow via Symbolic Links |
CAPEC-47 | Buffer Overflow via Parameter Expansion |
CAPEC-59 | Session Credential Falsification through Prediction |
CAPEC-60 | Reusing Session IDs (aka Session Replay) |
CAPEC-61 | Session Fixation |
CAPEC-62 | Cross Site Request Forgery (aka Session Riding) |
CAPEC-75 | Manipulating Writeable Configuration Files |
CAPEC-76 | Manipulating Input to File System Calls |
CAPEC-77 | Manipulating User-Controlled Variables |
CAPEC-89 | Pharming |
CAPEC-92 | Forced Integer Overflow |
CAPEC-111 | JSON Hijacking (aka JavaScript Hijacking) |
CAPEC-118 | Data Leakage Attacks |
CAPEC-119 | Resource Depletion |
CAPEC-122 | Exploitation of Authorization |
Oval Markup Language : Definitions
OvalID | Name |
---|---|
oval:org.mitre.oval:def:5579 | A TCP SYN packet with target host's address as both source and destination ca... |
oval:org.mitre.oval:def:5743 | A TCP SYN packet with target host's address as both source and destination ca... |
oval:org.mitre.oval:def:913 | IIS ASP Source Code Access Vulnerability |
oval:org.mitre.oval:def:1023 | WinNT Broad Permissions for Remote Registry Access |
oval:org.mitre.oval:def:952 | NT4.0 SNMP Denial of Service |
oval:org.mitre.oval:def:915 | IIS4.0 Buffer Overflow |
oval:org.mitre.oval:def:1021 | NT4.0 Remote Registry Access Authentication Vulnerability |
oval:org.mitre.oval:def:1079 | MS CIFS Spoofed Browse Frame Request Vulnerability |
oval:org.mitre.oval:def:500 | Default Permissions on RAS Administration Key |
oval:org.mitre.oval:def:139 | Default Registry Permissions on SNMP Parameters |
oval:org.mitre.oval:def:140 | Default Registry Permissions on the MTS Package Admin Key |
oval:org.mitre.oval:def:82 | Microsoft RPC Denial of Service |
oval:org.mitre.oval:def:334 | Windows NNTP Memory Leak |
oval:org.mitre.oval:def:253 | SQL Server Format String Vulnerability |
oval:org.mitre.oval:def:64 | Windows 2000 Trusted Domain Loophole |
oval:org.mitre.oval:def:159 | Windows NT Trusted Domain Loophole |
oval:org.mitre.oval:def:402 | SNMP Request Handling Buffer Overflow |
oval:org.mitre.oval:def:209 | SNMP Agent Service Buffer Overflow |
oval:org.mitre.oval:def:18 | Windows NT Shell Buffer Overflow |
oval:org.mitre.oval:def:147 | Windows 2000 Shell Buffer Overflow |
oval:org.mitre.oval:def:89 | Windows 2000 MUP UNC Request Buffer Overflow |
oval:org.mitre.oval:def:145 | Windows NT MUP UNC Request Buffer Overflow |
oval:org.mitre.oval:def:63 | Windows 2000 Remote Access Service Phonebook Buffer Overflow |
oval:org.mitre.oval:def:61 | Windows NT Remote Access Service Phonebook Buffer Overflow |
oval:org.mitre.oval:def:76 | Windows 2000 Process Handle Duplication Privilege Escalation |
SAINT Exploits
Description | Link |
---|---|
Microsoft Jet Engine MDB file ColumnName buffer overflow | More info here |
Windows LSASS buffer overflow | More info here |
Windows Task Scheduler buffer overflow | More info here |
Windows Cursor and Icon handling vulnerability | More info here |
Windows password weakness | More info here |
Windows RPC DCOM interface buffer overflow | More info here |
Microsoft SSL library PCT buffer overflow | More info here |
Microsoft WINS replication service pointer corruption | More info here |
Windows NetDDE buffer overflow | More info here |
Open Source Vulnerability Database (OSVDB)
id | Description |
---|---|
61854 | Microsoft Windows #GP Trap Handler (nt!KiTrap0D) Local Privilege Escalation |
60273 | Microsoft Windows NT Virtual DOS Machine 16-bit Executable Permission Bypass ... |
60145 | Microsoft Windows NT cmd.exe CD Command Arbitrary Local Code Execution |
59732 | Microsoft Windows Screensaver Domain Account Lock Verification Local Brute Fo... |
59515 | Microsoft Windows csrss.exe Command Prompt Input Manipulation Forced Reboot DoS |
59513 | Microsoft Windows NT winnt/system32 Write Access Local DoS (NT4ALL) |
59333 | Microsoft Windows NT Winlogon Key Local Shutdown DoS |
59325 | Microsoft Windows NT Scheduler Drive Mapping Permission Weakness Local Privil... |
59260 | Microsoft Windows NT SNMP Agent Query Saturation Remote DoS |
59250 | Microsoft Windows NT Fragmented Packet Handling Remote DoS (ntfrag) |
59249 | Windows NT Unprivileged Local Share Manipulation |
58090 | NTMail VRFY Functionality Persistence |
55332 | Microsoft Windows PPTP Server (Raspptpe.sys) Malformed Control Packet Remote DoS |
50533 | Microsoft Windows Media Services nskey.dll ActiveX CallHTMLHelp Method Overflow |
44880 | Microsoft Windows msjet40.dll MDB File Handling Overflow |
37637 | Microsoft Windows Crafted HLP File Overflow |
37635 | Microsoft Windows Virtual DOS Machine (VDM) PhysicalMemory Race Condition Loc... |
31645 | Microsoft Windows DNS Recursive Query DoS |
26433 | Microsoft Windows TCP/IP Protocol Driver Source Routing Overflow |
25336 | Microsoft Windows Distributed Transaction Coordinator (DTC) BuildContextW Req... |
25335 | Microsoft Windows Distributed Transaction Coordinator (DTC) CRpcIoManagerServ... |
24802 | Microsoft Windows Help winhlp32.exe Embedded Image Processing Overflow |
21598 | Microsoft Windows 2000 NetBIOS Port Crafted TCP Packet |
20886 | Microsoft IE Unspecified Margin/Padding Null Pointer Dereference DoS |
20188 | Microsoft Windows Crafted SMB SMBnegprots Request DOS |
ExploitDB Exploits
id | Description |
---|---|
21746 | MS Windows 2000/NT 4/XP Network Share Provider SMB Request Buffer Overflow (1) |
20006 | Windows NT 4.0 Remote Registry Request Dos Vulnerability (2) |
11199 | Windows NT - User Mode to Ring 0 Escalation Vulnerability |
3022 | MS Windows ASN.1 - Remote Exploit (MS04-007) |
1065 | MS Windows (SMB) Transaction Response Handling Exploit (MS05-011) |
771 | MS Internet Explorer .ANI files handling Downloader Exploit (MS05-002) |
765 | MS Internet Explorer .ANI files handling Universal Exploit (MS05-002) |
OpenVAS Exploits
Date | Description |
---|---|
2012-07-25 | Name : Microsoft Windows Media Services ISAPI Extension Code Execution Vulnerabilities File : nvt/gb_ms_win_media_service_isapi_code_exec_vuln.nasl |
2011-10-14 | Name : Microsoft Windows SMB/NETBIOS NULL Session Authentication Bypass Vulnerability File : nvt/gb_ms_windows_smb_share_passwd_null_sec_bypass_vuln.nasl |
2011-08-12 | Name : Finger Service Remote Information Disclosure Vulnerability File : nvt/gb_finger_remote_info_disc_vuln.nasl |
2011-04-11 | Name : Microsoft Windows IPv4 Default Configuration Security Bypass Vulnerability File : nvt/gb_ms_windows_nic_security_bypass_vuln.nasl |
2010-07-08 | Name : Microsoft Windows GDI Multiple Vulnerabilities (925902) File : nvt/ms07-017.nasl |
2010-04-26 | Name : Windows NT NNTP Component Buffer Overflow File : nvt/gb_ms04_036.nasl |
2010-02-10 | Name : Microsoft Windows Kernel Could Allow Elevation of Privilege (977165) File : nvt/secpod_ms10-015.nasl |
2010-01-22 | Name : Microsoft Windows GP Trap Handler Privilege Escalation Vulnerability File : nvt/gb_ms_kernel_prv_esc_vuln.nasl |
2009-11-16 | Name : Microsoft RPC Interface Buffer Overrun (KB824146) File : nvt/msrpc_dcom2.nasl |
2009-03-16 | Name : Microsoft MS03-034 security check File : nvt/remote-MS03-034.nasl |
2009-03-15 | Name : MS04-011 security check File : nvt/remote-MS04-011.nasl |
2009-02-04 | Name : Detection of Dangerous ActiveX Control File : nvt/secpod_dangerous_activex_ctrl.nasl |
2008-11-27 | Name : Microsoft Windows Media Services nskey.dll ActiveX BOF Vulnerability File : nvt/gb_ms_win_media_services_actvx_bof_vuln.nasl |
2008-09-03 | Name : Windows Vulnerability in Microsoft Jet Database Engine File : nvt/win_CVE-2007-6026.nasl |
2008-01-17 | Name : Debian Security Advisory DSA 333-1 (acm) File : nvt/deb_333_1.nasl |
2008-01-17 | Name : Debian Security Advisory DSA 149-2 (glibc) File : nvt/deb_149_2.nasl |
2008-01-17 | Name : Debian Security Advisory DSA 149-1 (glibc) File : nvt/deb_149_1.nasl |
2008-01-17 | Name : Debian Security Advisory DSA 146-2 (dietlibc) File : nvt/deb_146_2.nasl |
2008-01-17 | Name : Debian Security Advisory DSA 146-1 (dietlibc) File : nvt/deb_146_1.nasl |
2008-01-17 | Name : Debian Security Advisory DSA 143-1 (krb5) File : nvt/deb_143_1.nasl |
2008-01-17 | Name : Debian Security Advisory DSA 142-1 (openafs) File : nvt/deb_142_1.nasl |
2006-03-26 | Name : Microsoft's SQL Version Query File : nvt/mssql_version.nasl |
2005-11-03 | Name : Flaw in Microsoft VM Could Allow Code Execution (810030) File : nvt/smb_nt_ms02-052.nasl |
2005-11-03 | Name : War FTP Daemon USER/PASS Overflow File : nvt/DDI_warftpd_user_overflow.nasl |
2005-11-03 | Name : Unchecked Buffer in Windows Help(Q323255) File : nvt/smb_nt_ms02-055.nasl |
Information Assurance Vulnerability Management (IAVM)
id | Description |
---|---|
2008-A-0030 | Microsoft Jet Database Remote Code Execution Vulnerability Severity: Category II - VMSKEY: V0016013 |
2005-A-0001 | Multiple Vulnerabilities in Microsoft Windows Severity: Category I - VMSKEY: V0005996 |
Snort® IPS/IDS
Date | Description |
---|---|
2014-01-10 | JET VBA access RuleID : 985-community - Type : SERVER-IIS - Revision : 22 |
2014-01-10 | JET VBA access RuleID : 985 - Type : SERVER-IIS - Revision : 22 |
2014-01-10 | JET VBA access RuleID : 984-community - Type : SERVER-IIS - Revision : 25 |
2014-01-10 | JET VBA access RuleID : 984 - Type : SERVER-IIS - Revision : 25 |
2014-01-10 | DCERPC DIRECT ISystemActivator CoGetInstanceFromFile object call attempt RuleID : 9759 - Type : NETBIOS - Revision : 7 |
2014-01-10 | DCERPC NCADG-IP-UDP ISystemActivator CoGetInstanceFromFile little endian obje... RuleID : 9758 - Type : NETBIOS - Revision : 7 |
2014-01-10 | DCERPC NCACN-IP-TCP ISystemActivator CoGetInstanceFromFile little endian obje... RuleID : 9757 - Type : NETBIOS - Revision : 7 |
2014-01-10 | DCERPC NCACN-IP-TCP ISystemActivator CoGetInstanceFromFile object call attempt RuleID : 9756 - Type : NETBIOS - Revision : 7 |
2014-01-10 | DCERPC NCACN-HTTP ISystemActivator CoGetInstanceFromFile little endian object... RuleID : 9755 - Type : NETBIOS - Revision : 7 |
2014-01-10 | DCERPC NCADG-IP-UDP ISystemActivator CoGetInstanceFromFile object call attempt RuleID : 9754 - Type : NETBIOS - Revision : 7 |
2014-01-10 | DCERPC NCACN-HTTP ISystemActivator CoGetInstanceFromFile object call attempt RuleID : 9753 - Type : NETBIOS - Revision : 7 |
2014-01-10 | DCERPC DIRECT ISystemActivator CoGetInstanceFromFile little endian object cal... RuleID : 9752 - Type : NETBIOS - Revision : 7 |
2014-01-10 | DCERPC DIRECT ISystemActivator CoGetInstanceFromFile attempt RuleID : 9751 - Type : NETBIOS - Revision : 7 |
2014-01-10 | DCERPC NCADG-IP-UDP ISystemActivator CoGetInstanceFromFile little endian attempt RuleID : 9750 - Type : NETBIOS - Revision : 7 |
2014-01-10 | Alternate Data streams ASP file access attempt RuleID : 975-community - Type : SERVER-IIS - Revision : 27 |
2014-01-10 | Alternate Data streams ASP file access attempt RuleID : 975 - Type : SERVER-IIS - Revision : 27 |
2014-01-10 | DCERPC NCACN-IP-TCP ISystemActivator CoGetInstanceFromFile little endian attempt RuleID : 9749 - Type : NETBIOS - Revision : 7 |
2014-01-10 | DCERPC NCACN-IP-TCP ISystemActivator CoGetInstanceFromFile attempt RuleID : 9748 - Type : NETBIOS - Revision : 7 |
2014-01-10 | DCERPC NCACN-HTTP ISystemActivator CoGetInstanceFromFile little endian attempt RuleID : 9747 - Type : NETBIOS - Revision : 7 |
2014-01-10 | DCERPC DIRECT v4 ISystemActivator CoGetInstanceFromFile attempt RuleID : 9746 - Type : NETBIOS - Revision : 7 |
2014-01-10 | DCERPC NCADG-IP-UDP ISystemActivator CoGetInstanceFromFile attempt RuleID : 9745 - Type : NETBIOS - Revision : 7 |
2014-01-10 | DCERPC NCADG-IP-UDP v4 ISystemActivator CoGetInstanceFromFile little endian a... RuleID : 9744 - Type : NETBIOS - Revision : 7 |
2014-01-10 | DCERPC NCACN-HTTP v4 ISystemActivator CoGetInstanceFromFile little endian att... RuleID : 9743 - Type : NETBIOS - Revision : 5 |
2014-01-10 | DCERPC NCACN-IP-TCP v4 ISystemActivator CoGetInstanceFromFile little endian a... RuleID : 9742 - Type : NETBIOS - Revision : 5 |
2014-01-10 | DCERPC NCACN-IP-TCP v4 ISystemActivator CoGetInstanceFromFile attempt RuleID : 9741 - Type : NETBIOS - Revision : 5 |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2011-09-15 | Name: It is possible to obtain the host SID for the remote host, without credentials. File: smb_host2sid_null_session.nasl - Type: ACT_GATHER_INFO |
2011-09-15 | Name: Nessus was able to enumerate local users, without credentials. File: smb_sid2localuser_null_session.nasl - Type: ACT_GATHER_INFO |
2010-11-23 | Name: The remote host has IP forwarding enabled. File: ip_forwarding_enabled.nasl - Type: ACT_GATHER_INFO |
2010-09-01 | Name: The remote device is missing a vendor-supplied security patch. File: cisco-sa-20020212-snmp-msgshttp.nasl - Type: ACT_GATHER_INFO |
2010-02-09 | Name: The Windows kernel is affected by two vulnerabilities allowing a local attack... File: smb_nt_ms10-015.nasl - Type: ACT_GATHER_INFO |
2009-11-06 | Name: It is possible to access a network share. File: smb_accessible_shares_unpriv.nasl - Type: ACT_GATHER_INFO |
2008-08-18 | Name: The remote web server is vulnerable to a cross-site scripting attack. File: siteserver_xss.nasl - Type: ACT_ATTACK |
2008-05-13 | Name: Arbitrary code can be executed on the remote host through the database engine. File: smb_nt_ms08-028.nasl - Type: ACT_GATHER_INFO |
2007-10-04 | Name: It is possible to log into the remote host. File: smb_blank_admin_password.nasl - Type: ACT_GATHER_INFO |
2007-10-04 | Name: It is possible to log into the remote host. File: smb_guest_account.nasl - Type: ACT_GATHER_INFO |
2007-10-04 | Name: It is possible to log into the remote Windows host with a NULL session. File: smb_null_session.nasl - Type: ACT_GATHER_INFO |
2007-03-16 | Name: Arbitrary code can be executed on the remote host. File: smb_kb828741.nasl - Type: ACT_GATHER_INFO |
2006-06-13 | Name: It is possible to execute code on the remote host. File: smb_nt_ms06-032.nasl - Type: ACT_GATHER_INFO |
2006-05-10 | Name: A vulnerability in MSDTC could allow remote code execution. File: smb_kb913580.nasl - Type: ACT_GATHER_INFO |
2006-05-09 | Name: It is possible to crash the remote MSDTC service. File: smb_nt_ms06-018.nasl - Type: ACT_GATHER_INFO |
2006-01-10 | Name: Arbitrary code can be executed on the remote host by sending a malformed file... File: smb_nt_ms06-002.nasl - Type: ACT_GATHER_INFO |
2006-01-03 | Name: Arbitrary code can be executed on the remote host through the DHCP service. File: smb_kb885249.nasl - Type: ACT_GATHER_INFO |
2005-12-13 | Name: A local user can elevate his privileges on the remote host. File: smb_nt_ms05-055.nasl - Type: ACT_GATHER_INFO |
2005-07-05 | Name: The remote host allows null session event log reading. File: smb_event_log_null_session.nasl - Type: ACT_GATHER_INFO |
2005-06-29 | Name: The remote host allows null session enumeration of running services. File: smb_enum_services_null_session.nasl - Type: ACT_GATHER_INFO |
2005-02-08 | Name: Arbitrary code can be executed on the remote host. File: smb_nt_ms05-010.nasl - Type: ACT_GATHER_INFO |
2005-02-08 | Name: Arbitrary code can be executed on the remote host. File: smb_nt_ms05-011.nasl - Type: ACT_GATHER_INFO |
2005-02-03 | Name: Random portions of memory may be disclosed thru the NetBIOS name service. File: smb_nt_ms03-034.nasl - Type: ACT_GATHER_INFO |
2005-01-11 | Name: Arbitrary code can be executed on the remote host through the web or email cl... File: smb_nt_ms05-002.nasl - Type: ACT_GATHER_INFO |
2004-12-15 | Name: Arbitrary code can be executed on the remote host. File: wins_replication_overflow.nasl - Type: ACT_GATHER_INFO |