Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
microsoft exchange server 2000 vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2000-1139
The installation of Microsoft Exchange 2000 before Rev. A creates a user account with a known password, which could allow malicious users to gain privileges, aka the "Exchange User Account" vulnerability.
Microsoft Exchange Server 2000
6.4
CVSSv2
CVE-2002-0049
Microsoft Exchange Server 2000 System Attendant gives "Everyone" group privileges to the WinReg key, which could allow remote malicious users to read or modify registry keys.
Microsoft Exchange Server 2000
2.1
CVSSv2
CVE-2001-0666
Outlook Web Access (OWA) in Microsoft Exchange 2000 allows an authenticated user to cause a denial of service (CPU consumption) via a malformed OWA request for a deeply nested folder within the user's mailbox.
Microsoft Exchange Server 2000
2.6
CVSSv2
CVE-2006-1193
Cross-site scripting (XSS) vulnerability in Microsoft Exchange Server 2000 SP1 through SP3, when running Outlook Web Access (OWA), allows user-assisted remote malicious users to inject arbitrary HTML or web script via unknown vectors related to "HTML parsing."
Microsoft Exchange Server 2000
1 EDB exploit
2.1
CVSSv2
CVE-2002-1876
Microsoft Exchange 2000 allows remote authenticated malicious users to cause a denial of service via a large number of rapid requests, which consumes all of the licenses that are granted to Exchange by IIS.
Microsoft Exchange Server 2000
5
CVSSv2
CVE-2002-1873
Microsoft Exchange 2000, when used with Microsoft Remote Procedure Call (MSRPC), allows remote malicious users to cause a denial of service (crash or memory consumption) via malformed MSRPC calls.
Microsoft Exchange Server 2000
5
CVSSv2
CVE-2001-0543
Memory leak in NNTP service in Windows NT 4.0 and Windows 2000 allows remote malicious users to cause a denial of service (memory exhaustion) via a large number of malformed posts.
Microsoft Exchange Server 2000
Microsoft Windows Nt 4.0
Microsoft Windows 2000
5
CVSSv2
CVE-2000-1006
Microsoft Exchange Server 5.5 does not properly handle a MIME header with a blank charset specified, which allows remote malicious users to cause a denial of service via a charset="" command, aka the "Malformed MIME Header" vulnerability.
Microsoft Exchange Server 5.5
5
CVSSv2
CVE-2000-0216
Microsoft email clients in Outlook, Exchange, and Windows Messaging automatically respond to Read Receipt and Delivery Receipt tags, which could allow an malicious user to flood a mail system with responses by forging a Read Receipt request that is redirected to a large distribut...
Microsoft Outlook
Microsoft Exchange Server
Microsoft Windows Messaging
7.5
CVSSv2
CVE-2002-0054
SMTP service in (1) Microsoft Windows 2000 and (2) Internet Mail Connector (IMC) in Exchange Server 5.5 does not properly handle responses to NTLM authentication, which allows remote malicious users to perform mail relaying via an SMTP AUTH command using null session credentials.
Microsoft Exchange Server 5.5
Microsoft Windows 2000 -
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
deserialization
CVE-2024-4541
CVE-2024-3080
CVE-2024-4787
log injection
CVE-2024-5967
inject
CVE-2024-30078
CVE-2024-5899
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
NEXT »