|
Vulnerability Report: Microsoft Windows 2000 Advanced Server
|
This vulnerability report for Microsoft Windows 2000 Advanced Server contains a complete overview of all Secunia advisories affecting it. You can use this vulnerability report to ensure that you are aware of all vulnerabilities, both patched and unpatched, affecting this product allowing you to take the necessary precautions.
If you have information about a new or an existing vulnerability in Microsoft Windows 2000 Advanced Server then you are more than welcome to contact us.
|
|
|
|
|
Vendor, Links, and Unpatched Vulnerabilities
| Vendor |
Microsoft
|
|
|
Product Link
|
N/A
|
|
|
Affected By
|
239 Secunia advisories
260 Vulnerabilities
|
|
|
Monitor Product
|
Receive alerts for this product
|
|
|
Unpatched
|
10% (25 of 239 Secunia advisories)
|
|
Most Critical Unpatched
The most severe unpatched Secunia advisory affecting Microsoft Windows 2000 Advanced Server, with all vendor patches applied, is rated Moderately critical  .
|
|
|
|
|
|
31 Secunia Advisories in 2003
|
Secunia has issued a total of 31 Secunia advisories in 2003 for Microsoft Windows 2000 Advanced Server. Currently, 26% (8 out of 31) are marked as unpatched with the most severe being rated Less critical 
More information about the specific Secunia advisories affecting Microsoft Windows 2000 Advanced Server can be found below. Each Secunia advisory is enclosed by a box highlighted with a color representing its current patch status. You can read the complete Secunia advisories for thorough descriptions of the issues covered and for solution suggestions by clicking either the Secunia advisory title or the "Read More" links available for each Secunia advisory.
|
|
|
|
|
|
Release Date:
2003-11-11 |
Secunia Advisory ID:
SA10193 |
Solution Status:
Vendor Patch |
|
Criticality:
 |
Impact:
System access
|
Where:
From local network |
|
Short Description:
Microsoft has issued patches for Windows 2000 and XP. These fix a vulnerability in the Workstation service, which can be exploited by malicious people to compromise a vulnerable system. [Read More]
|
|
|
|
|
|
Release Date:
2003-10-27 |
Secunia Advisory ID:
SA10066 |
Solution Status:
Unpatched |
|
Criticality:
|
Impact:
Privilege escalation
|
Where:
Local system |
|
Short Description:
A vulnerability has been reported in Microsoft HTML Help, which can be exploited by malicious, local users to escalate their privileges. [Read More]
|
|
|
|
|
|
Release Date:
2003-10-15 |
Secunia Advisory ID:
SA10011 |
Solution Status:
Vendor Patch |
|
Criticality:
|
Impact:
System access
|
Where:
From remote |
|
Short Description:
Microsoft has issued patches to fix a vulnerability in the Windows Trouble Shooter ActiveX Control. This can be exploited by malicious HTML documents like web sites and emails to compromise a user's system. [Read More]
|
|
|
|
|
|
Release Date:
2003-10-15 |
Secunia Advisory ID:
SA10010 |
Solution Status:
Vendor Patch |
|
Criticality:
|
Impact:
System access
|
Where:
From remote |
|
Short Description:
Microsoft has issued patches to fix a vulnerability in Microsoft Windows (Internet Explorer) allowing malicious HTML documents like web pages or emails to install arbitrary ActiveX controls. [Read More]
|
|
|
|
|
|
Release Date:
2003-10-15 |
Secunia Advisory ID:
SA9978 |
Solution Status:
Vendor Patch |
|
Criticality:
|
Impact:
DoS
|
Where:
From local network |
|
Short Description:
ISS X-Force has reported a vulnerability in some versions of Microsoft Windows, which can be exploited by malicious people to cause a DoS (Denial of Service). [Read More]
|
|
|
|
|
|
Release Date:
2003-10-15 |
Secunia Advisory ID:
SA10014 |
Solution Status:
Vendor Patch |
|
Criticality:
|
Impact:
Privilege escalation
|
Where:
Local system |
|
Short Description:
Microsoft has issued patches to fix a vulnerability in Microsoft Windows allowing malicious users to escalate their privileges. [Read More]
|
|
|
|
|
|
Release Date:
2003-10-15 |
Secunia Advisory ID:
SA10013 |
Solution Status:
Vendor Patch |
|
Criticality:
|
Impact:
System access
|
Where:
From remote |
|
Short Description:
Microsoft has issued patches for Microsoft Windows to fix a vulnerability in the Help and Support Center. [Read More]
|
|
|
|
|
|
Release Date:
2003-10-15 |
Secunia Advisory ID:
SA10012 |
Solution Status:
Vendor Patch |
|
Criticality:
|
Impact:
DoS
System access
|
Where:
From local network |
|
Short Description:
Microsoft has issued patches for Microsoft Windows to fix a buffer overflow vulnerability in Messenger Service, which could lead to execution of arbitrary code. [Read More]
|
|
|
|
|
|
Release Date:
2003-10-11 |
Secunia Advisory ID:
SA9991 |
Solution Status:
Vendor Patch |
|
Criticality:
|
Impact:
System access
|
Where:
From local network |
|
Short Description:
A vulnerability has been reported in Windows 2000, which can be exploited by malicious people to compromise a vulnerable system. [Read More]
|
|
|
|
|
|
Release Date:
2003-10-03 |
Secunia Advisory ID:
SA9921 |
Solution Status:
Unpatched |
|
Criticality:
|
Impact:
Privilege escalation
|
Where:
Local system |
|
Short Description:
A vulnerability has been reported in Windows, which can be exploited by malicious, local users to terminate certain privileged programs. [Read More]
|
|
|
|
|
|
Release Date:
2003-09-22 |
Secunia Advisory ID:
SA9799 |
Solution Status:
Unpatched |
|
Criticality:
 |
Impact:
Exposure of sensitive information
|
Where:
From remote |
|
Short Description:
A vulnerability has been identified in the handling of TCP packets in Microsoft Windows 2000 and Windows XP, which potentially can expose sensitive information. [Read More]
|
|
|
|
|
|
Release Date:
2003-09-10 |
Secunia Advisory ID:
SA9692 |
Solution Status:
Vendor Patch |
|
Criticality:
|
Impact:
DoS
System access
|
Where:
From local network |
|
Short Description:
Three vulnerabilities have been identified in Microsoft Windows, which can be exploited by malicious people to compromise a vulnerable system or cause a DoS (Denial of Service). [Read More]
|
|
|
|
|
|
Release Date:
2003-09-03 |
Secunia Advisory ID:
SA9665 |
Solution Status:
Vendor Patch |
|
Criticality:
|
Impact:
Exposure of sensitive information
|
Where:
From local network |
|
Short Description:
A vulnerability has been discovered in all supported Windows versions except Windows ME, which can be exploited by malicious people to disclose potentially sensitive information. [Read More]
|
|
|
|
|
|
Release Date:
2003-08-20 |
Secunia Advisory ID:
SA9579 |
Solution Status:
Vendor Patch |
|
Criticality:
|
Impact:
System access
|
Where:
From local network |
|
Short Description:
Microsoft has issued a patch for MDAC due to a vulnerability which allows malicious people to cause a buffer overflow. [Read More]
|
|
|
|
|
|
Release Date:
2003-07-23 |
Secunia Advisory ID:
SA9335 |
Solution Status:
Vendor Patch |
|
Criticality:
|
Impact:
System access
|
Where:
From remote |
|
Short Description:
A vulnerability has been identified in DirectX allowing malicious people to gain system access. [Read More]
|
|
|
|
|
|
Release Date:
2003-07-16 |
Secunia Advisory ID:
SA9287 |
Solution Status:
Vendor Patch |
|
Criticality:
|
Impact:
System access
|
Where:
From local network |
|
Short Description:
A vulnerability has been identified in Microsoft Windows, which can be exploited by malicious people to compromise a vulnerable system. [Read More]
|
|
|
|
|
|
Release Date:
2003-07-09 |
Secunia Advisory ID:
SA9225 |
Solution Status:
Vendor Patch |
|
Criticality:
|
Impact:
Manipulation of data
DoS
System access
|
Where:
From local network |
|
Short Description:
A vulnerability has been identified in some versions of Windows, which can be exploited by malicious users to cause a DoS (Denial of Service) on a vulnerable system and potentially compromise it. [Read More]
|
|
|
|
|
|
Release Date:
2003-07-09 |
Secunia Advisory ID:
SA9224 |
Solution Status:
Vendor Patch |
|
Criticality:
|
Impact:
Privilege escalation
|
Where:
Local system |
|
Short Description:
A vulnerability has been identified in Windows 2000, which can be exploited by malicious, local users to escalate their privileges on a vulnerable system. [Read More]
|
|
|
|
|
|
Release Date:
2003-07-03 |
Secunia Advisory ID:
SA9175 |
Solution Status:
Vendor Patch |
|
Criticality:
|
Impact:
DoS
System access
|
Where:
From remote |
|
Short Description:
A vulnerability has been reported in Windows 2000, which can be exploited by malicious people to crash applications and potentially compromise a vulnerable system. [Read More]
|
|
|
|
|
|
Release Date:
2003-07-02 |
Secunia Advisory ID:
SA9170 |
Solution Status:
Vendor Patch |
|
Criticality:
|
Impact:
System access
|
Where:
From remote |
|
Short Description:
A vulnerability has been identified in Windows NetMeeting, which can be exploited by malicious people to overwrite arbitrary files on a user's system with the privileges of the user. [Read More]
|
|
|
|
|
|
Release Date:
2003-06-25 |
Secunia Advisory ID:
SA9113 |
Solution Status:
Vendor Patch |
|
Criticality:
|
Impact:
DoS
System access
|
Where:
From remote |
|
Short Description:
A vulnerability has been identified in all supported Windows versions, which can be exploited by malicious people to compromise a vulnerable system. [Read More]
|
|
|
|
|
|
Release Date:
2003-05-28 |
Secunia Advisory ID:
SA8883 |
Solution Status:
Vendor Patch |
|
Criticality:
|
Impact:
System access
|
Where:
From remote |
|
Short Description:
A vulnerability has been identified in some versions of Microsoft Windows, which can be exploited by a malicious person to execute arbitrary code on a vulnerable system. [Read More]
|
|
|
|
|
|
Release Date:
2003-04-22 |
Secunia Advisory ID:
SA8635 |
Solution Status:
Unpatched |
|
Criticality:
|
Impact:
Exposure of system information
Exposure of sensitive information
|
Where:
Local system |
|
Short Description:
Matthew Murphy has reported a security issue in Windows, which potentially can be exploited by malicious, local users to gain knowledge of sensitive information. [Read More]
|
|
|
|
|
|
Release Date:
2003-04-16 |
Secunia Advisory ID:
SA8609 |
Solution Status:
Vendor Patch |
|
Criticality:
|
Impact:
Privilege escalation
|
Where:
Local system |
|
Short Description:
A vulnerability has been identified in some versions of Windows, which can be exploited by malicious users on a vulnerable system to escalate their privileges. [Read More]
|
|
|
|
|
|
Release Date:
2003-04-09 |
Secunia Advisory ID:
SA8559 |
Solution Status:
Vendor Patch |
|
Criticality:
|
Impact:
System access
|
Where:
From remote |
|
Short Description:
A vulnerability identified in Microsoft VM (Virtual Machine) shipped with almost all versions of Windows (except some versions of Windows XP) can be exploited by malicious people to compromise a user's system. [Read More]
|
|
|
|
|
|
Release Date:
2003-03-19 |
Secunia Advisory ID:
SA8346 |
Solution Status:
Vendor Patch |
|
Criticality:
|
Impact:
System access
|
Where:
From remote |
|
Short Description:
A vulnerability identified in all currently supported versions of Microsoft Windows can be exploited by malicious people to compromise a user's system. [Read More]
|
|
|
|
|
|
Release Date:
2003-03-18 |
Secunia Advisory ID:
SA8329 |
Solution Status:
Unpatched |
|
Criticality:
|
Impact:
Exposure of sensitive information
|
Where:
Local system |
|
Short Description:
An information disclosure vulnerability has been identified in Windows 2000 and Windows XP, which can be exploited by a malicious, local user to gain knowledge of sensitive information. [Read More]
|
|
|
|
|
|
Release Date:
2003-02-20 |
Secunia Advisory ID:
SA8099 |
Solution Status:
Unpatched |
|
Criticality:
|
Impact:
DoS
|
Where:
From remote |
|
Short Description:
A vulnerability in Windows can be exploited by malicious people to crash certain applications on a user's system. [Read More]
|
|
|
|
|
|
Release Date:
2003-01-28 |
Secunia Advisory ID:
SA7959 |
Solution Status:
Unpatched |
|
Criticality:
|
Impact:
DoS
|
Where:
From local network |
|
Short Description:
Windows 2000 and XP systems running as terminal servers can be crashed by local users. This can be done via RDP (Remote Desktop Protocol) or Citrix ICA Clients. [Read More]
|
|
|
|
|
|
Release Date:
2003-01-23 |
Secunia Advisory ID:
SA7926 |
Solution Status:
Vendor Patch |
|
Criticality:
|
Impact:
System access
|
Where:
From remote |
|
Short Description:
Microsoft has issued a security bulletin regarding a buffer overflow in the Locator Service. The Locater service only runs by default on Windows NT and 2000 domain controllers. [Read More]
|
|
|
|
|
|
Release Date:
2003-01-07 |
Secunia Advisory ID:
SA7824 |
Solution Status:
Unpatched |
|
Criticality:
|
Impact:
DoS
|
Where:
Local system |
|
Short Description:
Microsoft Windows 2000 and XP does not handle fonts correctly. Malformed font files can bring the system to an immediate reboot if viewed in the font viewer (fontview). [Read More]
|
|
|
