CVEdetails.com the ultimate security vulnerability data source

Microsoft » Windows NT: Security Vulnerabilities Published In 1999

Each entry below spans four lines, with the following fields:
# | CVE ID | CWE ID | # of Exploits | Vulnerability Type(s) | Publish Date | Update Date
Score
Gained Access Level | Access | Complexity | Authentication | Conf. | Integ. | Avail.
Vulnerability description
1 CVE-2000-0328 1999-08-24 2008-09-10
5.0
None Remote Low Not required Partial None None
Windows NT 4.0 generates predictable random TCP initial sequence numbers (ISN), which allows remote attackers to perform spoofing and session hijacking.
2 CVE-2000-0073 DoS Overflow 1999-11-17 2008-09-10
5.0
None Remote Low Not required None None Partial
Buffer overflow in Microsoft Rich Text Format (RTF) reader allows attackers to cause a denial of service via a malformed control word.
3 CVE-1999-1455 1999-12-31 2008-09-05
7.5
None Remote Low Not required Partial Partial Partial
RSH service utility RSHSVC in Windows NT 3.5 through 4.0 does not properly restrict access as specified in the .Rhosts file when a user comes from an authorized host, which could allow unauthorized users to access the service by logging in from an authorized host.
4 CVE-1999-1452 1999-12-31 2008-09-05
2.1
None Local Low Not required Partial None None
GINA in Windows NT 4.0 allows attackers with physical access to display a portion of the clipboard of the user who has locked the workstation by pasting (CTRL-V) the contents into the username prompt.
5 CVE-1999-1365 +Priv Bypass 1999-06-28 2008-09-05
7.2
Admin Local Low Not required Complete Complete Complete
Windows NT searches a user's home directory (%systemroot% by default) before other directories to find critical programs such as NDDEAGNT.EXE, EXPLORER.EXE, USERINIT.EXE or TASKMGR.EXE, which could allow local users to bypass access restrictions or gain privileges by placing a Trojan horse program into the root directory, which is writable by default.
6 CVE-1999-1364 DoS 1999-12-31 2008-09-05
2.1
None Local Low Not required None None Partial
Windows NT 4.0 allows local users to cause a denial of service (crash) via an illegal kernel mode address to the functions (1) GetThreadContext or (2) SetThreadContext.
7 CVE-1999-1363 DoS 1999-12-31 2008-09-05
2.1
None Local Low Not required None None Partial
Windows NT 3.51 and 4.0 allow local users to cause a denial of service (crash) by running a program that creates a large number of locks on a file, which exhausts the NonPagedPool.
8 CVE-1999-1362 DoS 1999-12-31 2008-09-05
2.1
None Local Low Not required None None Partial
Win32k.sys in Windows NT 4.0 before SP2 allows local users to cause a denial of service (crash) by calling certain WIN32K functions with incorrect parameters.
9 CVE-1999-1360 DoS 1999-12-31 2008-09-05
2.1
None Local Low Not required None None Partial
Windows NT 4.0 allows local users to cause a denial of service via a user mode application that closes a handle that was opened in kernel mode, which causes a crash when the kernel attempts to close the handle.
10 CVE-1999-1359 Bypass 1999-12-31 2008-09-05
7.5
None Remote Low Not required Partial Partial Partial
When the Ntconfig.pol file is used on a server whose name is longer than 13 characters, Windows NT does not properly enforce policies for global groups, which could allow users to bypass restrictions that were intended by those policies.
11 CVE-1999-1358 Bypass 1999-12-31 2008-09-05
4.6
User Local Low Not required Partial Partial Partial
When an administrator in Windows NT or Windows 2000 changes a user policy, the policy is not properly updated if the local ntconfig.pol is not writable by the user, which could allow local users to bypass restrictions that would otherwise be enforced by the policy, possibly by changing the policy file to be read-only.
12 CVE-1999-1317 +Priv 1999-12-31 2008-09-05
4.6
None Local Low Not required Partial Partial Partial
Windows NT 4.0 SP4 and earlier allows local users to gain privileges by modifying the symbolic link table in the \?? object folder using a different case letter (upper or lower) to point to a different device.
13 CVE-1999-1316 1999-12-31 2008-09-05
7.5
None Remote Low Not required Partial Partial Partial
Passfilt.dll in Windows NT SP2 allows users to create a password that contains the user's name, which could make it easier for an attacker to guess.
14 CVE-1999-1294 1999-12-31 2008-09-05
2.1
None Local Low Not required Partial None None
Office Shortcut Bar (OSB) in Windows 3.51 enables backup and restore permissions, which are inherited by programs such as File Manager that are started from the Shortcut Bar, which could allow local users to read folders for which they do not have permission.
15 CVE-1999-1254 DoS 1999-03-08 2008-09-05
5.0
None Remote Low Not required None None Partial
Windows 95, 98, and NT 4.0 allow remote attackers to cause a denial of service by spoofing ICMP redirect messages from a router, which causes Windows to change its routing tables.
16 CVE-1999-1234 DoS 1999-10-26 2008-09-05
5.0
None Remote Low Not required None None Partial
LSA (LSASS.EXE) in Windows NT 4.0 allows remote attackers to cause a denial of service via a NULL policy handle in a call to (1) SamrOpenDomain, (2) SamrEnumDomainUsers, and (3) SamrQueryDomainInfo.
17 CVE-1999-1222 DoS 1999-12-31 2008-09-05
5.0
None Remote Low Not required None None Partial
Netbt.sys in Windows NT 4.0 allows remote malicious DNS servers to cause a denial of service (crash) by returning 0.0.0.0 as the IP address for a DNS host name lookup.
18 CVE-1999-1157 DoS 1999-12-31 2008-09-05
5.0
None Remote Low Not required None None Partial
Tcpip.sys in Windows NT 4.0 before SP4 allows remote attackers to cause a denial of service via an ICMP Subnet Mask Address Request packet, when certain multiple IP addresses are bound to the same network interface.
19 CVE-1999-1132 DoS 1999-12-31 2008-09-05
5.0
None Remote Low Not required None None Partial
Windows NT 4.0 allows remote attackers to cause a denial of service (crash) via extra source routing data such as (1) a Routing Information Field (RIF) field with a hop count greater than 7, or (2) a list containing duplicate Token Ring IDs.
20 CVE-1999-1127 DoS 1999-12-31 2008-09-05
5.0
None Remote Low Not required None None Partial
Windows NT 4.0 does not properly shut down invalid named pipe RPC connections, which allows remote attackers to cause a denial of service (resource exhaustion) via a series of connections containing malformed data, aka the "Named Pipes Over RPC" vulnerability.
21 CVE-1999-1084 1999-12-31 2008-09-05
4.6
User Local Low Not required Partial Partial Partial
The "AEDebug" registry key is installed with insecure permissions, which allows local users to modify the key to specify a Trojan Horse debugger which is automatically executed on a system crash.
22 CVE-1999-0995 20 DoS 1999-12-16 2008-09-09
7.8
None Remote Low Not required None None Complete
Windows NT Local Security Authority (LSA) allows remote attackers to cause a denial of service via malformed arguments to the LsaLookupSids function which looks up the SID, aka "Malformed Security Identifier Request."
23 CVE-1999-0994 255 1999-12-16 2008-09-09
5.0
None Remote Low Not required Partial None None
Windows NT with SYSKEY reuses the keystream that is used for encrypting SAM password hashes, allowing an attacker to crack passwords.
24 CVE-1999-0987 287 1999-11-18 2008-09-09
10.0
None Remote Low Not required Complete Complete Complete
Windows NT does not properly download a system policy if the domain user logs into the domain with a space at the end of the domain name.
25 CVE-1999-0975 Exec Code 1999-12-10 2008-09-09
4.6
User Local Low Not required Partial Partial Partial
The Windows help system can allow a local user to execute commands as another user by editing a table of contents metafile with a .CNT extension and modifying the topic action to include the commands to be executed when the .hlp file is accessed.
26 CVE-1999-0918 20 DoS 1999-07-03 2008-09-09
7.8
None Remote Low Not required None None Complete
Denial of service in various Windows systems via malformed, fragmented IGMP packets.
27 CVE-1999-0909 264 Bypass 1999-09-20 2008-09-09
7.5
User Remote Low Not required Partial Partial Partial
Multihomed Windows systems allow a remote attacker to bypass IP source routing restrictions via a malformed packet with IP options, aka the "Spoofed Route Pointer" vulnerability.
28 CVE-1999-0899 264 Exec Code 1999-11-04 2008-09-09
7.2
Admin Local Low Not required Complete Complete Complete
The Windows NT 4.0 print spooler allows a local user to execute arbitrary commands due to inappropriate permissions that allow the user to specify an alternate print provider.
29 CVE-1999-0898 119 DoS Overflow +Priv 1999-11-04 2008-09-09
7.2
Admin Local Low Not required Complete Complete Complete
Buffer overflows in Windows NT 4.0 print spooler allow remote attackers to gain privileges or cause a denial of service via a malformed spooler request.
30 CVE-1999-0886 16 1999-09-17 2008-09-09
9.0
Admin Remote Low Single system Complete Complete Complete
The security descriptor for RASMAN allows users to point to an alternate location via the Windows NT Service Control Manager.
31 CVE-1999-0874 119 DoS Overflow 1999-06-16 2008-09-09
10.0
Admin Remote Low Not required Complete Complete Complete
Buffer overflow in IIS 4.0 allows remote attackers to cause a denial of service via a malformed request for files with .HTR, .IDC, or .STM extensions.
32 CVE-1999-0824 1999-11-30 2008-09-09
4.6
User Local Low Not required Partial Partial Partial
A Windows NT user can use SUBST to map a drive letter to a folder, which is not unmapped after the user logs off, potentially allowing that user to modify the location of folders accessed by later users.
33 CVE-1999-0819 1999-12-01 2008-09-09
5.0
None Remote Low Not required Partial None None
NTMail does not disable the VRFY command, even if the administrator has explicitly disabled it.
34 CVE-1999-0815 DoS 1999-12-31 2008-09-05
5.0
None Remote Low Not required None None Partial
Memory leak in SNMP agent in Windows NT 4.0 before SP5 allows remote attackers to conduct a denial of service (memory exhaustion) via a large number of queries.
35 CVE-1999-0755 255 1999-05-27 2008-09-09
5.0
None Remote Low Not required Partial None None
Windows NT RRAS and RAS clients cache a user's password even if the user has not selected the "Save password" option.
36 CVE-1999-0728 264 1999-07-06 2008-09-09
7.8
None Remote Low Not required None None Complete
A Windows NT user can disable the keyboard or mouse by directly calling the IOCTLs which control them.
37 CVE-1999-0726 20 DoS 1999-06-30 2008-09-09
7.8
None Remote Low Not required None None Complete
An attacker can conduct a denial of service in Windows NT by executing a program with a malformed file image header.
38 CVE-1999-0725 16 1999-08-19 2008-09-09
7.1
None Remote Medium Not required Complete None None
When IIS is run with a default language of Chinese, Korean, or Japanese, it allows a remote attacker to view the source code of certain files, a.k.a. "Double Byte Code Page".
39 CVE-1999-0723 DoS 1999-06-23 2008-09-09
7.1
None Remote Medium Not required None None Complete
The Windows NT Client Server Runtime Subsystem (CSRSS) can be subjected to a denial of service when all worker threads are waiting for user input.
40 CVE-1999-0721 20 DoS 1999-07-20 2008-09-09
7.8
None Remote Low Not required None None Complete
Denial of service in Windows NT Local Security Authority (LSA) through a malformed LSA request.
41 CVE-1999-0717 1999-05-07 2008-09-09
2.6
None Remote High Not required None Partial None
A remote attacker can disable the virus warning mechanism in Microsoft Excel 97.
42 CVE-1999-0716 Overflow 1999-05-17 2008-09-09
4.6
User Local Low Not required Partial Partial Partial
Buffer overflow in Windows NT 4.0 help file utility via a malformed help file.
43 CVE-1999-0715 DoS Exec Code Overflow 1999-05-20 2008-09-09
4.6
User Local Low Not required Partial Partial Partial
Buffer overflow in Remote Access Service (RAS) client allows an attacker to execute commands or cause a denial of service via a malformed phonebook entry.
44 CVE-1999-0700 119 Overflow 1999-07-29 2008-09-09
6.2
None Local High Not required Complete Complete Complete
Buffer overflow in Microsoft Phone Dialer (dialer.exe), via a malformed dialer entry in the dialer.ini file.
45 CVE-1999-0593 1999-01-01 2009-10-31
4.9
None Local Low Not required None None Complete
The default setting for the Winlogon key entry ShutdownWithoutLogon in Windows NT allows users with physical access to shut down a Windows NT system without logging in.
46 CVE-1999-0581 1999-01-01 2008-09-05
10.0
None Remote Low Not required Complete Complete Complete
The HKEY_CLASSES_ROOT key in a Windows NT system has inappropriate, system-critical permissions.
47 CVE-1999-0579 1999-01-01 2008-09-05
10.0
None Remote Low Not required Complete Complete Complete
A Windows NT system's registry audit policy does not log an event success or failure for non-critical registry keys.
48 CVE-1999-0578 1999-01-01 2008-09-05
4.6
User Local Low Not required Partial Partial Partial
A Windows NT system's registry audit policy does not log an event success or failure for security-critical registry keys.
49 CVE-1999-0577 1999-01-01 2008-09-05
10.0
None Remote Low Not required Complete Complete Complete
A Windows NT system's file audit policy does not log an event success or failure for non-critical files or directories.
50 CVE-1999-0570 1999-01-01 2008-09-05
10.0
None Remote Low Not required Complete Complete Complete
Windows NT is not using a password filter utility, e.g. PASSFILT.DLL.
Total number of vulnerabilities: 64. Page: 1 (this page), 2
CVE is a registered trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registered trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.