Threat Level: green Handler on Duty: Didier Stevens

SANS ISC: MS Windows 2003 SP2 - SANS Internet Storm Center

SANS Site Network

Current Site

SANS Internet Storm Center

Other SANS Sites Help

Graduate Degree Programs

Security Training

Security Certification

Security Awareness Training

Penetration Testing

Industrial Control Systems

Cyber Defense Foundations

DFIR

Software Security

Government OnSite Training

SANS ISC InfoSec Forums

Watch ISC TV. Great for NOCs, SOCs and Living Rooms: https://isctv.sans.edu

Log In or Sign Up for Free!

MS Windows 2003 SP2

Looking deeper into the security aspects of Windows 2003 SP2, we received a list of known CVEs that are supposed to be fixed in SP2 for Windows 2003:

CVE name	Affected	Reference
CVE-2006-5578	MSIE 6	MS06-072
CVE-2006-5577	MSIE 6	MS06-072
CVE-2006-3443	Winlogon	MS06-051
CVE-2006-3281	MSIE 6	MS06-045
CVE-2006-2385	MSIE	MS06-021
CVE-2006-2384	MSIE	MS06-021
CVE-2006-2379	TCP/IP stack	MS06-032
CVE-2006-2375	?	?
CVE-2006-2218	MSIE 6	MS06-021
CVE-2006-1992	MSIE 6	MS06-021
CVE-2006-1388	MSIE 6	MS06-013
CVE-2006-1359	MSIE 6	MS06-013
CVE-2006-1315	Server Service	MS06-035
CVE-2006-1313	Microsoft JScript	MS06-023
CVE-2006-1192	MSIE	MS06-013
CVE-2006-1190
CVE-2006-1189
CVE-2006-1188
CVE-2006-1185
CVE-2006-0026	IIS	MS06-034
CVE-2006-0021	TCP/IP stack	MS06-007
CVE-2006-0006	Media player	MS06-005
CVE-2005-4089	MSIE	MS06-021
CVE-2005-3240	MSIE race condition	MSRC blog
CVE-2005-2388	USB driver	?
CAN-2006-1626	MSIE	MS06-021
CAN-2005-2129	?	?
CAN-2005-2123	WMF	MS05-053
CAN-2005-0944	Jet DB	CERT vuln id 176380
CAN-2005-0803	EMF	MS05-053
CAN-2005-0109	Hyperthreading support	CERT vuln id 911878
CAN-2004-1331	MSIE	CERT vuln id 743974
CAN-2004-1173	MSIE	?
CAN-2004-1060	TCP/IP stack	MS05-019

There are a number of interesting things in here for sure.

--
Swa Frantzen -- NET2S

Swa

760 Posts

Mar 15th 2007

Thread locked Subscribe

Mar 15th 2007
1 decade ago

Sign Up for Free or Log In to start participating in the conversation!