Windows NT RSHSVC program allows remote users to execute arbitrary commands.
Max CVSS
7.2
EPSS Score
0.21%
Published
1997-01-01
Updated
2022-08-17
The cryptographic challenge of SMB authentication in Windows 95 and Windows 98 can be reused, allowing an attacker to replay the response and impersonate a user.
Max CVSS
7.5
EPSS Score
0.38%
Published
1999-01-05
Updated
2022-08-17
NETBIOS share information may be published through SNMP registry keys in NT.
Max CVSS
7.5
EPSS Score
0.35%
Published
1997-01-01
Updated
2022-08-17
A Windows NT local user or administrator account has a guessable password.
Max CVSS
7.2
EPSS Score
0.04%
Published
1997-01-01
Updated
2022-08-17

CVE-1999-0504

Public exploit
A Windows NT local user or administrator account has a default, null, blank, or missing password.
Max CVSS
7.5
EPSS Score
0.55%
Published
1997-01-01
Updated
2022-08-17
A Windows NT domain user or administrator account has a guessable password.
Max CVSS
7.2
EPSS Score
0.04%
Published
1998-10-01
Updated
2022-08-17

CVE-1999-0506

Public exploit
A Windows NT domain user or administrator account has a default, null, blank, or missing password.
Max CVSS
7.2
EPSS Score
0.08%
Published
1998-10-01
Updated
2022-08-17
IP forwarding is enabled on a machine which is not a router or firewall.
Max CVSS
7.5
EPSS Score
0.35%
Published
1997-01-01
Updated
2022-08-17
A NETBIOS/SMB share password is the default, null, or missing.
Max CVSS
7.5
EPSS Score
0.35%
Published
1997-01-01
Updated
2022-08-17
The registry in Windows NT can be accessed remotely by users who are not administrators.
Max CVSS
7.5
EPSS Score
0.47%
Published
1997-01-01
Updated
2017-10-19
Denial of service in Windows NT Local Security Authority (LSA) through a malformed LSA request.
Max CVSS
7.8
EPSS Score
0.35%
Published
1999-07-20
Updated
2018-10-12
The Windows NT Client Server Runtime Subsystem (CSRSS) can be subjected to a denial of service when all worker threads are waiting for user input.
Max CVSS
7.1
EPSS Score
0.68%
Published
1999-06-23
Updated
2018-10-12
An attacker can conduct a denial of service in Windows NT by executing a program with a malformed file image header.
Max CVSS
7.8
EPSS Score
0.35%
Published
1999-06-30
Updated
2018-10-12
DHCP clients with ICMP Router Discovery Protocol (IRDP) enabled allow remote attackers to modify their default routes.
Max CVSS
7.5
EPSS Score
1.49%
Published
1999-08-11
Updated
2018-10-30
Denial of service in various Windows systems via malformed, fragmented IGMP packets.
Max CVSS
7.8
EPSS Score
0.43%
Published
1999-07-03
Updated
2018-10-12
Windows Internet Naming Service (WINS) allows remote attackers to cause a denial of service (connectivity loss) or steal credentials via a 1Ch registration that causes WINS to change the domain controller to point to a malicious server. NOTE: this problem may be limited when Windows 95/98 clients are used, or if the primary domain controller becomes unavailable.
Max CVSS
7.6
EPSS Score
0.91%
Published
2009-01-15
Updated
2020-01-10
The unattended installation of Windows 2000 with the OEMPreinstall option sets insecure permissions for the All Users and Default Users directories.
Max CVSS
7.2
EPSS Score
0.07%
Published
2000-04-07
Updated
2017-10-10
Windows 95, Windows 98, Windows 2000, Windows NT 4.0, and Terminal Server systems allow a remote attacker to cause a denial of service by sending a large number of identical fragmented IP packets, aka jolt2 or the "IP Fragment Reassembly" vulnerability.
Max CVSS
7.8
EPSS Score
1.45%
Published
2000-05-19
Updated
2018-10-12
The default configuration of SYSKEY in Windows 2000 stores the startup key in the registry, which could allow an attacker tor ecover it and use it to decrypt Encrypted File System (EFS) data.
Max CVSS
7.2
EPSS Score
0.05%
Published
2000-05-11
Updated
2008-09-10
The Windows 2000 telnet client attempts to perform NTLM authentication by default, which allows remote attackers to capture and replay the NTLM challenge/response via a telnet:// URL that points to the malicious server, aka the "Windows 2000 Telnet Client NTLM Authentication" vulnerability.
Max CVSS
7.5
EPSS Score
2.67%
Published
2000-11-14
Updated
2018-10-12
Buffer overflows in Microsoft Network Monitor (Netmon) allow remote attackers to execute arbitrary commands via a long Browser Name in a CIFS Browse Frame, a long SNMP community name, or a long username or filename in an SMB session, aka the "Netmon Protocol Parsing" vulnerability. NOTE: It is highly likely that this candidate will be split into multiple candidates.
Max CVSS
7.5
EPSS Score
43.61%
Published
2000-12-19
Updated
2019-04-30
Interactions between the CIFS Browser Protocol and NetBIOS as implemented in Microsoft Windows 95, 98, NT, and 2000 allow remote attackers to modify dynamic NetBIOS name cache entries via a spoofed Browse Frame Request in a unicast or UDP broadcast datagram.
Max CVSS
7.5
EPSS Score
1.76%
Published
2000-08-29
Updated
2017-12-19
Network Dynamic Data Exchange (DDE) in Windows 2000 allows local users to gain SYSTEM privileges via a "WM_COPYDATA" message to an invisible window that is running with the privileges of the WINLOGON process.
Max CVSS
7.2
EPSS Score
0.05%
Published
2001-03-12
Updated
2018-10-12
The "Configure Your Server" tool in Microsoft 2000 domain controllers installs a blank password for the Directory Service Restore Mode, which allows attackers with physical access to the controller to install malicious programs, aka the "Directory Service Restore Mode Password" vulnerability.
Max CVSS
7.2
EPSS Score
0.14%
Published
2001-02-12
Updated
2019-04-30
Microsoft Data Access Component Internet Publishing Provider 8.103.2519.0 and earlier allows remote attackers to bypass Security Zone restrictions via WebDAV requests.
Max CVSS
7.5
EPSS Score
1.30%
Published
2001-07-02
Updated
2018-10-12
180 vulnerabilities found
1 2 3 4 5 6 7 8
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!