Microsoft Terminal Server — known CVE vulnerabilities
Every CVE whose affected-product data names Microsoft Terminal Server, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (11)
CVE-2006-4465 — CVSS 10.0 (critical): Microsoft Terminal Server, when running an application session with the "Start program at logon" and "Override settings from user profile…
CVE-2000-0305 — CVSS 7.8 (high): Windows 95, Windows 98, Windows 2000, Windows NT 4.0, and Terminal Server systems allow a remote attacker to cause a denial of service by…
CVE-2007-2593 — CVSS 7.5 (high): The Terminal Server in Microsoft Windows 2003 Server, when using TLS, allows remote attackers to bypass SSL and self-signed certificate…
CVE-1999-0909 — CVSS 7.5 (high): Multihomed Windows systems allow a remote attacker to bypass IP source routing restrictions via a malformed packet with IP options, aka the…
CVE-1999-0391 — CVSS 7.5 (high): The cryptographic challenge of SMB authentication in Windows 95 and Windows 98 can be reused, allowing an attacker to replay the response…
CVE-2000-0259 — CVSS 7.2 (high): The default permissions for the Cryptography\Offload registry key used by the OffloadModExpo in Windows NT 4.0 allows local users to obtain…
CVE-2000-0331 — CVSS 5.0 (medium): Buffer overflow in Microsoft command processor (CMD.EXE) for Windows NT and Windows 2000 allows a local user to cause a denial of service…
CVE-2000-0404 — CVSS 5.0 (medium): The CIFS Computer Browser service allows remote attackers to cause a denial of service by sending a ResetBrowser frame to the Master…
CVE-2001-0540 — CVSS 5.0 (medium): Memory leak in Terminal servers in Windows NT and Windows 2000 allows remote attackers to cause a denial of service (memory exhaustion) via…
CVE-1999-0680 — CVSS 5.0 (medium): Windows NT Terminal Server performs extra work when a client opens a new connection but before it is authenticated, allowing for a denial…
CVE-2000-0232 — CVSS 2.1 (low): Microsoft TCP/IP Printing Services, aka Print Services for Unix, allows an attacker to cause a denial of service via a malformed TCP/IP…